Renpho, another IoT story

A while ago I found the perfect Oil Diffuser. [

4 years ago

Latest Post The Great Escape Tunnel by Mario Esposito public

A while ago I found the perfect Oil Diffuser. Perfect because the app that comes with it is flawless, it is wifi controllable and the design of the device it is just peachy. This beauty is commercialized (made?) by a company that runs as Renpho.

Since our house an IoT farm for our own amusement and research projects, I wanted to control the device from other means that the app the device comes with.

In the process of figure out the calls that the app makes to the cloud I discovered a few things that I am going to share with the next one that just like I that will place a bunch of Google queries in search of the key answer:

has anyone already done something that I might use right away and adapt at my likeness?

In doing such a search you will start, likely, with the name of the company and you will find nothing. Since I was that guy today and didn’t find anything here is my findings:

There’s a company called Tuya Smart. They make a global Intelligent platform that enables products smarter for consumers, brands, OEM manufacturers and retail chains. (their words) - more justice to what they do is offered by their own promoting video.

Translating their commercial lingo: they provide the infrastructure, tools, support and a load of other amazing things to enable the making of white-labeled products or your own OEM product. They have extensive documentation around their APIs and a really oiled machine (from what I was able to gather and try) that really takes the burden off of your back from what concerns the making of the app that drives you future awesome gonna be IoT product.

In order to control products built on top of Tuya Smart platform, you need to have the usual suspects: appID, secret and so on. You can apply for a free developer account here. Once you sign up, you look for the well-hidden Cloud API authorization :-) menu item. It is well hidden because when there’s an FAQ for something like that, that means people can’t find it!

Then apply for an iOS development app which gives you access to the SDK. They use Pods (yeah!) as shown by Lib4dev directory.  I just filed my request and what I see is shown below

I am guessing they have a basic checking gate to avoid trolling at some degree. In the meanwhile, you can actually control your smart devices based on Tuya Smart with this node based project. You can tell from this thread on getting access to the cloud API that some parts of their documentation on this basic step could be…shall we say, revisited?! :-)

If you go by the route of skipping their process to get access to the SDK, either because they don’t approve or other roadblocks, you can still control your devices locally but you will need a couple of pieces that are essential for the Nodes project to work. You basically eavesdrop what happens between the app and their backend. That’s when Postman and other debugging tools come really handy. Not the signature failure in the response as they go to a great extent to avoid that people troll their servers. I don’t blame them one bit.

To do some investigations on the calls so that you can control the devices on your local network, there are a couple of ways:

For the latter I will post a separate article since the procedure although simple to execute is not exactly a walk in the park if you have never done something similar before.

I will continue to play using these findings. My ultimate goal is to build some heuristics and drive the device functions and operations based on those. In the meanwhile, if you find anything worth sharing, don’t hesitate and share in the comments below.

Have fun!

Mario Esposito

Published 4 years ago