Reverse Engineering Yokis Home Automation Devices

Reverse Engineering Yokis Home Automation Devices

These days, it’s hard to keep track of all the companies that are trying to break into the home automation market. Whether they’re rebrands of somebody else’s product or completely new creations, it seems like every company has at least a few “smart” gadgets for you to choose from. We hadn’t heard of the Yokis devices that [Nicolas Maupu] has been working on before today, but thanks to his efforts to reverse engineer their protocol, we think they might become more popular with the hacking crowd.


Even if you don’t have a Yokis MTV500ER dimmer or MTR2000ER switch of your own, we think the detailed account of how [Nicolas] figured out how to talk to these devices is worth a read. His first step was to connect his oscilloscope directly to the SPI lines on the remote to see what it was sending out. With an idea of what he was looking for, he then used an nRF24L01+ radio connected to an ESP8266 to pull packets out of the air so he could analyze their structure. This might seem like a very specialized process, but in reality most of the techniques demonstrated could be applicable for any unknown communications protocol of which you’ve got a hex dump.


On the other hand, if you do have some of these devices (or plan to get them), then the software [Nicolas] has put together looks very compelling. Essentially it’s an interactive firmware for the ESP8266 that allows it to serve as a bridge between the proprietary Yokis wireless protocol and a standard MQTT home automation system. When the microcontroller is connected to the computer you get a basic terminal interface ..