Protobuf - mikey0000/PyMammotion GitHub Wiki

Protobuf

Lubas, and now the Yuka as well, use protobuf messages to communicate over Bluetooth and Wi-Fi (MQTT).

Progress

Most of the messages have been reverse engineered; however, the Yuka- and Luba 2-specific messages for video haven't been done yet, and some messages in dev_net are still being worked on.

How to reverse engineer the messages

Decompile the APK using Visual Studio Code with the APK Lab plugin and look for the files under java_src/com/agilexrobotics/proto/

You may need to selectively pick a version of the app that decompiles properly; I've had issues with some builds not decompiling correctly. The good news is the proto files do not change much; if anything, they get added to occasionally.

I personally use ChatGPT to reverse the Java back into proto; ChatGPT 3.5 is good enough to do this efficiently (sort of). You can copy the methods within the files, e.g.

    public static final class baseInfo extends GeneratedMessageV3 implements baseInfoOrBuilder {
        public static final int BATT_VAL_FIELD_NUMBER = 3;
        public static final int DEV_STATUS_FIELD_NUMBER = 2;
        public static final int DEV_VERSION_FIELD_NUMBER = 1;
        public static final int INIT_STATUS_FIELD_NUMBER = 4;
        public static final int IS_TILT_FIELD_NUMBER = 5;
        private static final long serialVersionUID = 0;
        private int battVal_;

Generally speaking, you do not need anything beyond the above to get the correct proto message back. Occasionally some int64 fields should be fixed64; this is obvious when you decode the messages using protoc, as the output will not look correct.

How to find and decode the protobuf messages

The easiest way I find is to pull the btsnoop_hci.log from an Android phone for Bluetooth and open it in Wireshark. You'll see messages from Espressif to your device and vice versa. Take the value from any "Rcvd Handle Value Notification" and remove the first bytes up to "08", e.g.

    4d04f31108f8011001180730013880802042020801

turns into

    08f8011001180730013880802042020801

which you then feed into protoc like so

    echo 08f8011001180730013880802042020801 | xxd -r -p | protoc --proto_path=/home/michael/git/pyluba/ --decode LubaMsg pyluba/proto/luba_msg.proto

or, if you want to look at the raw message to check it against the proto files (sometimes things are missed or a message type isn't implemented):

    echo 08f8011001180730013880802042020801 | xxd -r -p | protoc --proto_path=/home/michael/git/pyluba/ --decode_raw
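The header strip and raw decode described above can also be done without protoc. This is an added example, not code from the wiki or from PyMammotion: a minimal Python reader for the protobuf wire format. It assumes the payload starts at the first 0x08 byte from which the remainder parses cleanly, and the function names are illustrative.

```python
# Added example, not PyMammotion code; function names are illustrative.
def read_varint(buf, pos):  # -> (value, next_pos)
    value = shift = 0
    while pos < len(buf) and shift < 64:
        byte = buf[pos]
        value |= (byte & 0x7F) << shift
        pos, shift = pos + 1, shift + 7
        if not byte & 0x80:
            return value, pos
    raise ValueError("truncated or oversized varint")

def decode_raw(buf):
    """Parse buf into a list of (field_number, wire_type, value) tuples."""
    fields, pos = [], 0
    while pos < len(buf):
        key, pos = read_varint(buf, pos)
        number, wire = key >> 3, key & 7
        if number == 0:
            raise ValueError("field number 0 is invalid")
        if wire == 0:                       # varint: int32/int64/bool/enum
            value, pos = read_varint(buf, pos)
        elif wire in (1, 5):                # 1 = fixed64, 5 = fixed32
            size = 8 if wire == 1 else 4
            if pos + size > len(buf):
                raise ValueError("truncated fixed-width field")
            value = int.from_bytes(buf[pos:pos + size], "little")
            pos += size
        elif wire == 2:                     # bytes, string or nested message
            length, pos = read_varint(buf, pos)
            if pos + length > len(buf):
                raise ValueError("length runs past end of buffer")
            value, pos = buf[pos:pos + length], pos + length
        else:
            raise ValueError(f"unsupported wire type {wire}")
        fields.append((number, wire, value))
    return fields

def strip_header(notification_hex):
    """Drop leading bytes up to the first 0x08 from which the rest parses."""
    raw = bytes.fromhex(notification_hex)
    for offset in (i for i, b in enumerate(raw) if b == 0x08):
        try:
            decode_raw(raw[offset:])
        except ValueError:
            continue                        # a 0x08 inside the header, keep looking
        return raw[offset:]
    raise ValueError("no parsable protobuf payload found")

if __name__ == "__main__":
    print(decode_raw(strip_header("4d04f31108f8011001180730013880802042020801")))
```

A field reported with wire type 1 is a 64-bit fixed-width value, so a reconstructed .proto that declares it as int64 needs fixed64 instead. Length-delimited values are returned as bytes and can be passed to `decode_raw` again to inspect a nested message.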

The only thing you may find is that multipart messages have to be put together to decode, and you'll find they have starting bytes of 0008. I've not worked on a manual way to put them together, but the Bluetooth library (in pyluba) I wrote will interpret them correctly if you feed the messages into it.