Observations
Idle
Power draw during idle: 0.2W
Whilst Charging
| Wattage | Current |
|---|---|
 |
 |
Internal AP
Xiaomi procedure
Hosts an AP on boot (or is it just pairing?)
Testing AP (isolated)
Pairing
Internet required to pair the Roborock to a Mi account
- makes sense though
Data Encryption
Data is encrypted through SSL (HTTPS) as well as in-protocol encryption
Good!
Protocols?
- QUIC
- RPC (noticed in Xiaomi Home app, on the homepage of the Roborock device)
Addresses
DNS -> sg.api.io.mi.com
When the Roborock turns on
20211025 - router_dump
Every 2 seconds
- 161.116.5.107 -> RoboRock (UDP 8053 to 48041) - len=112
- RoboRock -> 161.116.5.107 (UDP 48041 -> 8053) - len=336
[Find Robot] Function (Xiaomi Home)
- 161.117.5.107 -> RoboRock (UDP) - len=96
- RoboRock -> 161.117.5.107 (UDP) - len=64
Xiaomi Home app
Decrypted HTTPS traffic with mitmproxy
Current Firmware
- Packet with len=32 … keepalive?
- Renaming doesn’t send any update packet?
Wireshark Filter for TZSP
i.e. Port Mirroring from the Mikrotik router
tzsp && !stp && !(ip.dst == 192.168.0.24 || ip.src == 192.168.0.24) && !(ip.dst == 10.10.10.2 || ip.src == 10.10.10.2)
Note
- Initial connection from Xiaomi Home to the Roborock required internet (to load the main ‘plugin’ page)
- After initial connection, internet could be disconnected and some features were still able to work?
- Possibly bad firewall-ing of the internet
- After initial connection, internet could be disconnected and some features were still able to work?
- Could not see local network activity between the Xiaomi Home app and the Roborock
- Don’t use Port Sniffing on the router!
- The switch does not forward packets to the router
- Use the switch’s port mirroring functionality instead
- Don’t use Port Sniffing on the router!