Troika SELMATE and Home Assistant

From time to time people ask me how to do the reverse engineering of a device to integrate it into Home Assistant. Sure, reverse engineering sounds fancy and will get you a better position in the search engine’s results but let’s be honest it’s not much magic or rocket science and most of the time it’s just putting the pieces together you found. I prefer to talk about it as “using devices beyond the original purpose”.

audius provided me with a Troika SELMATE (KR15-03/WH). It’s a Bluetooth Key/Smartphone Finder. The haptics are excellent and the quality is higher than the standard for such devices.

I usually don’t need to find my keys because my Yubikey is attached and without that I’m not able to unlock my computer. Same for my Smartphone which contains the 2FA app. Both things are most of the time pretty close to me.

The Troika SELMATE can be used in two ways if the device is paired with your smartphone: One press would create a selfie and two presses are activating the alarm on the smartphone. A click on the “Alert” button in the Troika Find app let the device blink and beep. Thus, there are multiple ways to use the device beside the Troika app: simple monitoring of its state, perhaps switching a light on, use it as an alarm device, as physical part of a self-made alarm clock and so on and on 🙂

First let’s see what we can find out. There is no special hardware required. I’m using a Lenovo T460 with a built-in Bluetooth adapter and a Fedora 27 installation. The first tool we are going to use is hcitool which is part of bluez. Perform the following command to install it.

Switch the Troika SELMATE on and run a scan with hcitool .

If you have other Bluetooth device like your smartphone or our mouse then they will show up as well. Make sure that the SELFMATE is not paired with your smartphone anymore. Let’s see what else is available.

Not much so far. Ok, next tool. gatttool  is also part of bluez . Establishing a connection can be done in an interactive way.

The first ting we are going to do is to the characteristic handles and service UUIDs implemented by the device.

Looking them up with the help of the Bluetooth services list will give us an idea about what the device is supporting.

Those two handles which are not documented.

  • 0000ffe0-0000-1000-8000-00805f9b34fb
  • 000018f0-0000-1000-8000-00805f9b34fb

The most import one seems to be “Immediate Alert”. This is the trigger to let the device beep and blink.

0x0015 is the group handle for the UUID 0x1802. Limiting the output to 0x0015 will give us the characteristic for the alarm.

0x2a06 is the UUID for the Alert Level. There are three levels available but only two are useful with a device like a keyfinder.

  • 0x00 (No alert): Nothing
  • 0x01 (Mild alert): Beeping
  • 0x02 (High alert): Beeping and Blinking

Now, we know tht handle and the possible values. This means that we control the device in the way we want.

Like for the app…with a press you can confirm the alarm.

You can also get the battery level (Battery Service 0x180f, Battery Level 0x2a19)

Keep in mind that the value is HEX.

Nice, the battery level is still at 99 %. We don’t care about Link Loss and Tx Power for now.

Next, get the button press. There are two UUID left. At the moment we don’t know much about the remain services or their settings. Without a third-party tool it’s try-and-error with going through possible values. gatttool  needs be in listen mode to receive the signal.

The first two approaches don’t work.

Here we go:

As an example we are going to integrate the Battery level into Home Assistant. Battery level sound like a sensor. Create a file called  in your configuration directory for your custom components. It will become a sensor thus the path will something like that .homeassistant/custom_components/sensor/ . To make the Home Assistant implementation simple, the subprocess module is executing the gatttool . This is not for production usage but for quick tests it sufficient. Also, if multiple platform using the same base then it should become a component.

Copy this code to your  file.

Don’t forget to add the new sensor to your configuration.yaml  file:

After a restart of Home Assistant the new sensor should show up. It seems that the battery is draining quickly.

Let the SELFMATE start beeping is like switching something on or off. For a home automation solution this can be done with a switch. Create a file again in the custom_components  directory but this time in the switch folder, e.g., .homeassistant/custom_components/switch/

The code for the switch is uning pretty much the same elements as the sensor.

To use the switch add it to your configuration.yaml  file:

Implementing the button press is a bit trickier than just monitoring a value. If you want to react on a button press then Home Assistant needs to listen all the time like gatttool  with --listen . If you are interested then I suggest that you take a look at the existing platforms for a proper integration of Bluetooth devices.

This entry was posted in Fedora. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.