Must the motion-blinds device be added to the "Motion Blinds" app from which the key is extracted?

[hector2007ss]

Must the motion-blinds device be added to the "Motion Blinds" app from which the key is extracted? If this device is not added to my app, but we are in a LAN, can I control it?

[starkillerOG]

@hector2007ss yes you will need an official app in order to retrieve the key. Note that you do not nesesarrly have to use the "Motion Blinds" app, that depends on the actual brand of blinds you have. You need to use the app of the brand you bought (Motion Blinds, Brel, Bloc Blinds, Dooya, Connector app etc.).

Once you have retrieved the key, you do not need the app anymore, all control wil be local over LAN, no internet needed.

[hector2007ss]

Thank you for your reply. Before I retrieve the key, do I need to add the blind that needs to be controlled to the app? I don't know if this will affect the value of key. In addition, with regard to dooya, which models have you tested this method?

[starkillerOG]

@hector2007ss I think you do need to add the blind to the app, but I don't know if the order matters, I suspect not. The key is linked to the account you created when setting up your app (I think it asks you for a e-mail adress). The key does not change when adding aditional blinds.

I personally do not have Dooya motors, but other users have reported to me that it indeed works with Dooya motors. I don't know the exact models, but as far as I am aware it schould work with all Dooya motors that can be added to the Dooya app (connector app). For some motors you will need a bridge/gateway, some others can directly connect over wifi. Some models have bi-direction support (also retriving current position, battery level etc), others (old models) only have uni-direction control. But all types schould be supported by this library.

[starkillerOG]

@hector2007ss what brand and model of blinds do you have?

[hector2007ss]

I'm doing some work in this field, so I'm looking for the brand and model of shutter that can meet our requirements. I have tried to do this work in cameras and other devices before. I found that some brands need to provide certificates like key, and then after getting these certificates, we can control the devices bound to this account. So here I'm interested in whether I need to bind the device on the app in advance.

[starkillerOG]

@hector2007ss what do you mean with "work in this field"? Do you sell smart home gear as your job or something?

I think these blinds work as follows:

• A gateway needs to be registered to a account on which a key is generated, the gateway will refuse to control blinds connected to it without sending a Token allong with the command (token is calculated from the key). The gateway communicates with the blinds over 433MHz radio, this communication does not include the key as for as I am aware but uses some rolling codes or something. A blind is coupled to the gateway by setting it in pairing mode.

• A direct wifi blind can be registered to a account directly on which the blind receives the key/token from the acount. Subseqently the blind can be controlled directly through LAN using the token.

Short answer: yes you will need to bind the device to a acount using the app in advance.

If you explain a bit better what you want to do with the blinds I can maybe recommand a certain blind/brand.

[hector2007ss]

It is only used to do some research on smart home security. As you explained, this mechanism is widely used in the field of smart home. Is there any brands of blinds that can be controlled in the LAN without user identity authentication?

[starkillerOG]

@hector2007ss I did not notice any security issues with these blinds, if I had, I would have reported them to the manufacturer.

Of course you could emilate the app and then link the blinds to that, but that would require physicall acces to the pairing button, so not really a security risk.

The status of the gateway and blinds (position, battery level, RSSI etc) is broadcast on a multicast adress that any one can acces on the local network, but that is only status and you need acces to the LAN.

Controlling the blinds needs the Token/Key.

You could potentially sniff the 433MHz signals from the bridge since they are not encrypted and then send the same commands using a 433MHz transmitter. Have no experiance with this myself, but I know some people did this with Dooya blinds. In that way you could control the blinds, but you would need to sniff the signals while a autenticated user is controlling the blind. I am not sure how the 433MHz protocol actually works in detail.

[hector2007ss]

Ok, thank you for your advice.