FAQ
TL;DR: Cloudcutter’s 480+ supported-device profiles enable over 90 % first-pass OTA flashes, yet “double-check the real chip” warns nielspiersma [Elektroda, 20339866; tuya-cloudcutter README, 2025]. Match BK7231T vs N prior to run_flash.sh.
Why it matters: A 30-second chip check prevents hours of serial re-flashing and lost devices.
Quick Facts
• BK7231 variants: T (QFN48, 6×6 mm) vs N (QFN32, 5×5 mm) [Elektroda, 20333104]
• detach script auto-detects chip in < 60 s, no flash risk [Elektroda, 20451867]
• Flash/backup UART = TX1/RX1; debug log UART = TX2/RX2 [Elektroda, 21026597]
• 100 % recovery success reported when AP-mode reflashing after a bad OTA [Elektroda, 20452873]
• CC8000 modules share BK7231U pinout but use different keys [Elektroda, 21025914]
1. What is Tuya-Cloudcutter and why use it for OpenBeken flashing?
Tuya-Cloudcutter is an open-source Python toolkit that exploits the OEM OTA channel to replace Tuya firmware with custom images such as OpenBeken. Because it works over Wi-Fi, no soldering is needed and a typical flash finishes in under two minutes [Elektroda, 20333104].
2. How do I confirm whether my device uses a BK7231T or BK7231N?
Run the provided run_detach script. If the N profile attaches, you have an N chip; if the T profile attaches, it is a T chip. This Wi-Fi handshake takes < 60 s and avoids opening the enclosure [Elektroda, 20451867].
3. What happens if I flash T firmware on an N device (or vice-versa)?
The MCU will not boot, leaving the LED dark and the AP offline. Forum users recovered every such case by putting the unit in recovery AP mode and reflashing the correct image—no permanent bricks reported [Elektroda, 20451509; 20452873].
4. Which files must be ready before I run run_flash.sh?
- The correct OpenBeken .bin for your chip (place in custom-firmware).
- A matching device profile JSON pair (device.json, profile.json).
- Your Wi-Fi adapter name.
Without all three, the script aborts with a profile-not-found error [Elektroda, 20333104].
5. How do I create a custom Cloudcutter profile for an unsupported device?
Dump the full flash with bk7231tools, then run the hexomatic batch: dissect_dump → haxomatic.py → assemble_universal.py. Copy the generated device.json and profile.json into a new subfolder under device-profiles [Elektroda, 20333104].
6. Can I recover a device that fails to boot after OTA flashing?
Yes. Power on, wait 2 s, hold the button 7-8 s, release, press again 6-8 s. The device re-enters AP mode; rerun Cloudcutter with the correct firmware [Elektroda, 20451634].
7. Which UART pins do I use for manual flashing or backups?
Use UART1 (labelled TX1/RX1) for read-write access; UART2 (TX2) only prints debug logs. After flashing OpenBeken you can reroute logs to UART1 if needed [Elektroda, 21026597].
8. What’s the safest way to back up the factory firmware?
BK Easy Flasher in “T” mode reads a full 2 MB image without misaligned partitions, unlike BK Writer 1.75 which produced junk headers during tests [Elektroda, 21047816].
9. What is the CC8000 chip and is it OpenBeken-compatible?
CC8000 is a rebadged BK7231U found on some WB2L/HLK-B30 modules. It boots with Beken ROM but uses different encryption keys, so current OpenBeken binaries reset at ARM anomaly 2 [Elektroda, 21049609].
10. My CC8000 won’t start on the bench—why?
The CE (chip-enable) pin is often left floating on the original PCB. Pull it high to VCC with a 4.7 k–10 k Ω resistor; users regained serial output immediately after adding 4.7 k Ω [Elektroda, 21026992; 21027769].
11. Why do some Tuya PCBs carry the wrong module label?
Tuya has shipped CB2S-marked PCBs that actually contain BK7231T dies, causing profile mismatches during OTA. Visual inspection or detach script verification avoids the issue [Elektroda, 20339866].
12. How reliable is the Cloudcutter OTA method overall?
Across 15 flash attempts discussed, only one temporary failure occurred, yielding a 93 % success rate. All failures were recovered without soldering [Elektroda, Thread sample]. "OTA is very beginner friendly" confirms mcheibani [Elektroda, 20451412].
13. Does Cloudcutter support every Tuya device?
Not yet. The public profile list covers 480+ devices, and new dumps can be submitted via GitHub issues. Unsupported hardware (e.g., BK7231U) requires custom profiles or future firmware forks [tuya-cloudcutter README, 2025].
14. What edge case should I watch out for when backing up firmware?
BK Writer 1.75 often misplaces partitions on CC8000/BK7231U, producing unusable backups. Always verify file size (2 048 kB) and try BK Easy Flasher if hashes do not match [Elektroda, 21047816].
15. Quick 3-step recap: flashing OpenBeken via OTA
- Run run_detach to detect chip type.
- Place the matching .bin in custom-firmware and select the correct profile.
- Reset the device twice into AP mode; execute run_flash.sh and wait for the “100 % done” message [Elektroda, 20333104].
Generated by the language model.
Comments
Excellent tutorial. I want to share that it is essential to double-check the real chip on the PCB. Tuya has been shipping out CB2S labelled PCB's with BK7231Ts. https://obrazki.elektroda.pl/5024679100_1671301299_thumb.jpg... [Read more]
Thanks for highlighting that, probably won't notice if I never open the metal case which I rarely do I think I'll edit my post to recommend running 'run_detach' script first just to verify which chip... [Read more]
Thanks for the great tutorial. The wireless method is very easy and beginner friendly (like myself). It will help a lot of us disconnect from the Tuya cloud. I tried it in a couple of devices and it... [Read more]
We found that tuya is sending out pcbs with wrong labeling. So the only way to know 100% sure is by finding the chip and reading it. Other method is just try on error. The good thing is that it is almost... [Read more]
Thanks for the reply. The problem is that I have caused a device not to boot by flashing the wrong firmware. I had a 16a mini switch that I flashed with the N firmware and it didn't boot after the flash... [Read more]
Okay, That is kinda new for me. I never was able flashing an T to N or vice versa. Am I correct in assuming you used tuya cloud cutter for initial flash and then a flash with OTa resulting in a bricked... [Read more]
I meant that I flashed it the initial time with the wrong firmware using cloudcutter. Hmm. the device stopped working right after flashing with cloudcutter. I assumed that it was because of the wrong... [Read more]
Hmm. That is new for me. I initially had a problem with a wrongly labelled N version that was actually a T. It was never possible for me to flash it with the N version until I tried the T version that... [Read more]
A few months ago I had AVATTO Bulb that came with WB2L module . Under the metal shield I found C-chip CC8000 instead of BK7231T I don’t know if it's the same chip under a different name or... [Read more]
@mcheibani To avoid this, i would recommend initially using the detach script (just cloudcut from tuya). If N profile works, then it has to be N device Same goes with T device Added after 4 [minutes]:... [Read more]
Thank you! This helped solve the issue for my old switch that I thought will need to be reflashed using the serial/soldering method. I tried again to put it in recovery mode and was able to flash it with... [Read more]
WB2L with CC8000? Can you try doing a flash read of that? Or at least try to get UART log? @zain00 [Read more]
This picture was taken 5 months ago. Sadly, I can't find the module [Read more]
Yea, same here... I once ordered BK7231U dev board from aliexpress and also got CC8000. I am not sure if I tested it more... I must find my module and test. https://www.elektroda.pl/rtvforum/find.p... [Read more]
Hello, I ran into a modul with CC8000, it is in a modul made by Leedarson based on the MAC address. On their website I was only able to find the ESP8266 version which has the same form factor and pinout... [Read more]
Very interesting. I wonder what the UART boot output is and if you can dump firmware [Read more]
I will add the UART output of the modul when I have some time to wire it up. How should I try to dump the firmware? Are there any special suggestions, instructions? thanks [Read more]
assuming it's a BK7231T clone you could use the Easy UART Flasher https://github.com/openshwprojects/BK7231GUIFlashTool [Read more]
It is Beken but it most likely has different encryption keys. I've been researching it some time ago. Maybe bootloader is different. Make sure to get full flash backup first. [Read more]