Eswin ECR6600 flashing guide, datasheet, pinout, 100% local setup, Home Assistant

p.kaczmarek2 5241 98

Reply Cool? Ranking DIY | New topic

Notify about new articles

📢 Listen (AI):

#31 21481466 15 Mar 2025 22:32

divadiow divadiow

Level 35

Helpful post? (0)

Post #31
21481466 15 Mar 2025 22:32

insmod wrote:
I just changed 1.0.22 to 1.0.23 and it started to download another archive
Inside it is folder named eswin_ecr6600_1.0.23_temp

oh cool. it's not listed here, so, dunno

We could get all the BK, XR806 etc TuyaOS SDKs too..
ADVERTISEMENT
#32 21481469 15 Mar 2025 22:33

insmod insmod

Level 26

Helpful post? (0)

Post #32
21481469 15 Mar 2025 22:33

>>21481466 Is there any for TR6260?
I'm also getting 1.0.0, but it's more than 3 times the size
It contains unpacked toolchain, that's the reason for the size.
It also contains uboot and stub source
#33 21481478 15 Mar 2025 23:14

divadiow divadiow

Level 35

Helpful post? (0)

Post #33
21481478 15 Mar 2025 23:14

insmod wrote:
Is there any for TR6260?

sadly no, not in GUI

Here's a list of some from Sep 2023, so later can probably be guessed

Spoiler:
BK7231T
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.13.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.14.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.15.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.16.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.17.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.18.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.19.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.20.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.21.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.22.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.23.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231t_1.0.24.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.0.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.1.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.2.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.3.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.4.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.5.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.6.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231t_1.1.9.zip

BK7231N
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.3.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.4.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.6.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.7.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.8.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_0.0.9.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.10.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.11.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.13.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.14.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.15.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.16.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.17.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.18.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.19.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.20.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.21.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.23.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.24.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.25.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.27.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.28.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.29.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.30.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.31.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/bk7231n_0.0.33.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_1.0.3.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_1.2.1.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_1.2.2.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_1.2.4.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_1.2.5.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_1.2.6.zip
https://airtake-public-data-1254153901.cos.ap...oud.com/smart/embed/pruduct/bk7231n_1.2.8.zip

BK7231NL
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/BK7231NL_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/BK7231NL_0.0.3.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/BK7231NL_0.0.4.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/BK7231NL_0.0.5.zip
https://airtake-public-data-1254153901.cos.ap...ud.com/smart/embed/pruduct/BK7231NL_0.0.6.zip

Beken T2
https://airtake-public-data-1254153901.cos.ap...myqcloud.com/smart/embed/pruduct/t2_1.4.0.zip

RTL8710BN
https://airtake-public-data-1254153901.cos.ap....com/smart/embed/pruduct/rtl8710bn_1.0.18.zip
https://airtake-public-data-1254153901.cos.ap....com/smart/embed/pruduct/rtl8710bn_1.0.19.zip
https://airtake-public-data-1254153901.cos.ap....com/smart/embed/pruduct/rtl8710bn_1.0.20.zip
https://airtake-public-data-1254153901.cos.ap....com/smart/embed/pruduct/rtl8710bn_1.0.21.zip
https://airtake-public-data-1254153901.cos.ap....com/smart/embed/pruduct/rtl8710bn_1.0.22.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8710bn_2.0.0.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8710bn_2.0.1.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8710bn_2.0.4.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8710bn_2.0.5.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8710bn_2.0.6.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8710bn_2.0.7.zip

RTL8720CF
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.0.0.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.3.0.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.3.1.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.3.2.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.3.3.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.3.4.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.3.5.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_2.3.7.zip
https://airtake-public-data-1254153901.cos.ap...mart/embed/pruduct/rtl8720cf_ameba_2.3.11.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_3.1.0.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_3.1.1.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cf_ameba_3.6.1.zip

RTL8720CM
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cm_ameba_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cm_ameba_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cm_ameba_0.0.3.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cm_ameba_0.0.5.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cm_ameba_0.0.6.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/rtl8720cm_ameba_0.0.9.zip
https://airtake-public-data-1254153901.cos.ap...mart/embed/pruduct/rtl8720cm_ameba_0.0.10.zip
https://airtake-public-data-1254153901.cos.ap...mart/embed/pruduct/rtl8720cm_ameba_0.0.11.zip

RTL8721CS
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8721cs_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8721cs_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...d.com/smart/embed/pruduct/rtl8721cs_0.0.8.zip
https://airtake-public-data-1254153901.cos.ap....com/smart/embed/pruduct/rtl8721cs_0.0.10.zip

RTL8720DN
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/test_rtl8720dn_1.0.64.zip
https://airtake-public-data-1254153901.cos.ap...smart/embed/pruduct/test_rtl8720dn_1.0.65.zip

ESWIN ECR6600-TS2D (AXY)
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_0.0.4.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_0.0.5.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_0.0.6.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_0.0.8.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_0.0.9.zip
https://airtake-public-data-1254153901.cos.ap.../smart/embed/pruduct/eswin_ecr6600_0.0.10.zip
https://airtake-public-data-1254153901.cos.ap.../smart/embed/pruduct/eswin_ecr6600_0.0.11.zip
https://airtake-public-data-1254153901.cos.ap.../smart/embed/pruduct/eswin_ecr6600_0.0.12.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.0.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.1.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.2.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.3.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.4.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.5.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.6.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.7.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/eswin_ecr6600_1.0.8.zip
https://airtake-public-data-1254153901.cos.ap.../smart/embed/pruduct/eswin_ecr6600_1.0.10.zip

EFR32 Zigbee
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/efr32_zigbee_0.0.3.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/efr32_zigbee_0.0.4.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/efr32_zigbee_0.0.5.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/efr32_zigbee_0.0.6.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/efr32_zigbee_0.0.7.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/efr32_zigbee_0.0.8.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/efr32_zigbee_0.0.9.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/efr32_zigbee_0.0.10.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/efr32_zigbee_0.0.11.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/efr32_zigbee_0.0.12.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/efr32_zigbee_0.0.15.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/efr32_zigbee_0.0.16.zip
https://airtake-public-data-1254153901.cos.ap...m/smart/embed/pruduct/efr32_zigbee_0.0.17.zip
https://airtake-public-data-1254153901.cos.ap...uduct/tuyaos_demo_zg_door_sensor_0.0.5.tar.gz
https://airtake-public-data-1254153901.cos.ap...ed/pruduct/tuyaos_demo_zg_light2_0.0.8.tar.gz

TLSR825x (BT3L)
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/tlsr825x_ble_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/tlsr825x_ble_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/tlsr825x_ble_0.0.3.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/tlsr825x_ble_0.0.4.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/tlsr825x_ble_0.0.5.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/tlsr825x_ble_0.0.6.zip
https://airtake-public-data-1254153901.cos.ap...om/smart/embed/pruduct/tlsr825x_ble_0.0.7.zip
https://airtake-public-data-1254153901.cos.ap...uduct/tuyaos_demo_ble_peripheral_0.1.0.tar.gz

XR809
https://airtake-public-data-1254153901.cos.ap...cloud.com/smart/embed/pruduct/xr806_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...cloud.com/smart/embed/pruduct/xr806_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...bed/pruduct/tuyaos_demo_lite_app_0.0.4.tar.gz

LN882H
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/ln882h_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/ln882h_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/ln882h_0.0.3.zip

rk3308
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/rk3308_0.0.3.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/rk3308_0.0.4.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/rk3308_0.0.6.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/rk3308_0.0.7.zip

ssd201
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/ssd201_0.0.1.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/ssd201_0.0.2.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/ssd201_0.0.3.zip
https://airtake-public-data-1254153901.cos.ap...loud.com/smart/embed/pruduct/ssd201_0.0.4.zip

Misc
https://airtake-public-data-1254153901.cos.ap...bed/pruduct/tuyaos_demo_examples_0.0.3.tar.gz
https://airtake-public-data-1254153901.cos.ap...d/pruduct/tuyaos_demo_quickstart_0.0.1.tar.gz
https://airtake-public-data-1254153901.cos.ap...d/pruduct/tuyaos_demo_quickstart_0.0.2.tar.gz
https://airtake-public-data-1254153901.cos.ap...d/pruduct/tuyaos_demo_quickstart_0.0.3.tar.gz
https://airtake-public-data-1254153901.cos.ap...d/pruduct/tuyaos_demo_quickstart_0.0.5.tar.gz
https://airtake-public-data-1254153901.cos.ap...d/pruduct/tuyaos_demo_quickstart_0.0.6.tar.gz
https://airtake-public-data-1254153901.cos.ap...d/pruduct/tuyaos_demo_quickstart_0.0.7.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.11.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.12.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.13.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.14.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.15.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.16.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.17.tar.gz
https://airtake-public-data-1254153901.cos.ap.../pruduct/tuyaos_demo_quickstart_0.0.18.tar.gz
https://airtake-public-data-1254153901.cos.ap...aos_pixel_driver_demo_quickstart_0.0.1.tar.gz
https://airtake-public-data-1254153901.cos.ap.../tuyaos_ele_energy_demo_quickstart_0.1.tar.gz
https://airtake-public-data-1254153901.cos.ap...embed/pruduct/tuyaos_demo_examples_0.7.tar.gz
https://airtake-public-data-1254153901.cos.ap...os_dimmer_driver_demo_quickstart_0.0.1.tar.gz
https://airtake-public-data-1254153901.cos.ap...uyaos_sensor_hub_demo_quickstart_0.0.1.tar.gz

Added after 29 [minutes]:

p.kaczmarek2 wrote:
I see, used SDK is nds32le-elf-mculib-v3s.tar.gz, but now it seems that we would need to compile Ghidra from source...

Did you go down this route?
ADVERTISEMENT
#34 21481520 16 Mar 2025 00:21

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #34
21481520 16 Mar 2025 00:21

I haven't tried it yet, but if you have some time we can try it together.

The only interesting thing I've found is that Ghidra can currently load BK7231 libtuya_iot.a as is, so if we need a reference...

Added after 9 [minutes]:

It seems that "tuya_storge" is actually just calling "Simple Flash App", as in "sf". At least on Beken.
Code: C / C++
Log in, to see the code

Added after 4 [minutes]:

__sf_protected_block_init is the function that reads first block (on Beken, at least), and it works for us on ECR

Added after 24 [minutes]:

sf_hand_s structure
https://github.com/search?q=sf_hand_s&type=code

Added after 57 [seconds]:

https://github.com/openshwprojects/OpenRTL871.../tuya_base/kv_storge/flash/simple_flash.h#L93

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#35 21481626 16 Mar 2025 09:17

divadiow divadiow

Level 35

Helpful post? (0)

Post #35
21481626 16 Mar 2025 09:17

divadiow wrote:
Here's a list of some from Sep 2023, so later can probably be guessed

also. these are easy enough to get from Tuya Wind IDE in VS Code but must be done on Linux
-Sign-up for Tuya developer account https://developer.tuya.com/
-Install Tuya Wind IDE extension in VS Code

-Sign into Tuya Wind as developer account

-filter in Resource Center according to requirements

I choose to save somewhere custom

then the link to main zip is in the SDKInformation.json file, by which point you've downloaded it anyway and have it unzipped

Added after 2 [minutes]:

VSC on Windows just says get Linux

Added after 3 [minutes]:

p.kaczmarek2 wrote:
I haven't tried it yet, but if you have some time we can try it together.

could...do..
I sense people around me irl will try to pull me away from computer today though.

Added after 19 [minutes]:

insmod wrote:
It also contains uboot and stub source

what possibilities does this open up?

Added after 16 [minutes]:

divadiow wrote:
could...do..
I sense people around me irl will try to pull me away from computer today though.

im trying build of https://github.com/osy/ghidra/tree/tim/add_nds32_processor now

Added after 43 [minutes]:

divadiow wrote:
I believe this is because TuyaOS3 has changed the way config is stored. It needs working out and a new config extractor made I guess. A few OS3 firmwares are about, including all Tuya LNs so far

this whole config extraction issue ties in with this I believe. I think any TuyaOS3 (3.3+ maybe?) has this new way of storing config, on any platform. eg BK-N Tuya_3Phase_Power_Meter_PC321-W-TY_(schemaID-ey2r2s)_key83r5jq9qqeaxt_TuyaMCU_CBU_3.1.28.bin = failed to extract keys
#36 21481721 16 Mar 2025 09:44

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #36
21481721 16 Mar 2025 09:44

Does Tuya_3Phase_Power_Meter_PC321-W-TY_(schemaID-ey2r2s)_key83r5jq9qqeaxt_TuyaMCU_CBU_3.1.28.bin also fail at second block? I'll try.

Added after 3 [minutes]:

No, it has correct CRCs on along all blocks. It's a different fault scenario.

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#37 21481727 16 Mar 2025 09:46

divadiow divadiow

Level 35

Helpful post? (0)

Post #37
21481727 16 Mar 2025 09:46

p.kaczmarek2 wrote:
No, it has correct CRCs on along all blocks. It's a different fault scenario.

hmm ok ok. to which failure point do any of the LNs align?

Added after 1 [minutes]:

divadiow wrote:
im trying build of https://github.com/osy/ghidra/tree/tim/add_nds32_processor now

Jsondoclet dependency issues. trying to sort. might switch to linux/fresh machine
ADVERTISEMENT
#38 21481736 16 Mar 2025 10:25

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home
Topic author Helpful post? (+1)

Post #38
21481736 16 Mar 2025 10:25

LN882H dumps are the same like PC321. It decrypts all blocks without CRC errors.
Code: C / C++
Log in, to see the code

The underlined checks are only failing for ECR6600 configs:

I can get this from LN882H:

Added after 27 [minutes]:

Google for: aes128_ecb_decode_raw
https://www.tuyaos.com/viewtopic.php?t=2885
Quote:

Module: WBR1D, tuyaos: 3.3.4.
Decryption error using aes128_ecb_decode_raw decryption interface in aes_inf.h header file. The decrypted data is incorrect. Please help me look at the same data. The encryption is successful, but the decryption cannot be done with the same key. The following is a code snippet.
Code: text Expand Select all Copy to clipboard
BYTE_T data1[] ="b4046667e3c549673aa75369b605f342"; BYTE_T datakey1[] ="6r4mq0ptoan2wf70"; //UINT32_T outlen1 = 0; BYTE_T outdata1[33] = {0}; aes128_ecb_decode_raw(data1, strlen(data1), outdata1, datakey1); TAL_PR_INFO("data1;%s", data1); TAL_PR_INFO("strlen(data1);%d", strlen(data1)); TAL_PR_INFO("outdata1;%s", outdata1); TAL_PR_INFO("strlen(outdata1);%d", strlen(outdata1)); TAL_PR_INFO("datakey1;%s", datakey1); TAL_PR_DEBUG("AES_DE2: "); memset(dataget,0,32); for (int j = 0; j < strlen(outdata1); j++) { memset(cat,0,8); sprintf(cat,"%02x",outdata1[j]); strcat(dataget,cat); } TAL_PR_INFO("dedataget;%s", dataget); aes_free_data(outdata1);

The following is the log content
Code: text Expand Select all Copy to clipboard
[2024-03-06 08:27:34.144]# RECV ASCII> I][tuya_app_main.c:268] data1;b4046667e3c549673aa75369b605f342 [01-01 08:00:03 TUYA I][tuya_app_main.c:269] strlen(data1);32 [01-01 08:00:03 TUYA I][tuya_app_main.c:270] outdata1;? [01-01 08:00:03 TUYA I][tuya_app_main.c:271] strlen(outdata1);2 [01-01 08:00:03 TUYA I][tuya_app_main.c:272] datakey1;6r4mq0ptoan2wf70 [01-01 08:00:03 TUYA D][tuya_app_main.c:273] AES_DE2: [01-01 08:00:03 TUYA I][tuya_app_main.c:280] dedataget;9231

Added after 2 [minutes]:

Added after 3 [minutes]:

https://github.com/tuya/TuyaOpen/blob/3f4ed7f...86bf/src/tal_security/src/tal_symmetry.c#L270

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#39 21483017 16 Mar 2025 22:25

divadiow divadiow

Level 35

Helpful post? (0)

Post #39
21483017 16 Mar 2025 22:25

divadiow wrote:

divadiow wrote:
im trying build of https://github.com/osy/ghidra/tree/tim/add_nds32_processor now

done. for Linux

https://1drv.ms/u/c/88c85548b4baddc3/ESkfHPehxD9Kmd1EaIPDx-MBi6XzRDStAPCAsDwZ_f0VTg?e=Up0e78

Added after 3 [minutes]:

p.kaczmarek2 wrote:
I can get this from LN882H:

p.kaczmarek2 wrote:
LN882H dumps are the same like PC321. It decrypts all blocks without CRC errors.

oh cool. potential for Easy Flasher extraction for other platforms
#40 21483029 16 Mar 2025 22:36

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (+1)

Post #40
21483029 16 Mar 2025 22:36

Good job, so are you able to open ECR6600 binary now?

To sum up - there are currently two issues with keys extraction.
Issue 1 - as discussed here, ECR6600 seems to have different secondary key
Issue 2 - our json extraction is "naive" and it produces partially messed up JSON, as you probably saw many times.

For now, we're focusing on issue 1 - ECR6600 keys. Later we could also look into issue 2, try to transcribe the KV logic partition into our flasher so JSON is reconstructed correctly.

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#41 21483244 17 Mar 2025 07:57

divadiow divadiow

Level 35

Helpful post? (0)

Post #41
21483244 17 Mar 2025 07:57

p.kaczmarek2 wrote:
Good job, so are you able to open ECR6600 binary now?

hmm. I don't know Ghidra. not got far
#42 21483399 17 Mar 2025 10:25

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #42
21483399 17 Mar 2025 10:25

If you click on a function, are you actually able to view disassembly with that?

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#43 21483406 17 Mar 2025 10:27

divadiow divadiow

Level 35

Helpful post? (0)

Post #43
21483406 17 Mar 2025 10:27

>>21483399
#44 21483486 17 Mar 2025 11:11

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #44
21483486 17 Mar 2025 11:11

So it works, nice.... very good job

Well, if you want to try going futher, then next step probably is to search string references for that "key" message you've found yourself in the boot log, and then check where is the function that prints it.

You can also share your Ghidra binary now here, I could try doing it as well, which Linux do I need? Well I will have to set a VM.

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#45 21483492 17 Mar 2025 11:14

divadiow divadiow

Level 35
Helpful post? (0)

Post #45
21483492 17 Mar 2025 11:14

divadiow wrote:
https://1drv.ms/u/c/88c85548b4baddc3/ESkfHPehxD9Kmd1EaIPDx-MBi6XzRDStAPCAsDwZ_f0VTg?e=Up0e78

here. ~~file is too big to upload as attachment~~ actually not true, attached

I'm using Ubuntu 24.04.1

Attachments:

ghidra_11.1.2_DEV_20250316_linux_x86_64.zip Download (396.04 MB)
ADVERTISEMENT
#46 21483529 17 Mar 2025 11:32

divadiow divadiow

Level 35

Helpful post? (0)

Post #46
21483529 17 Mar 2025 11:32

anything interesting?

keyge8wsy99n5pr7, HHRRQbyemofrtytf don't show any results for me and aes128_ecb_decode_raw only has

your previous screenshots had more
#47 21483550 17 Mar 2025 11:46

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #47
21483550 17 Mar 2025 11:46

I'm barely at "downloading Ubuntu LTS stage", but I will try to use what you've compiled.

I don't know Ghidra well, I remember playing with IDA PRO back in school, but Ghidra is relatively new to me. Still, here is how I would start - we need to find the SF/keyvars functions in the flash. They won't be labelled like I shown in decompiled Tuya library, they will have no names, but if you look here (my old screenshot from tuya lib):

You can see that sf_protected_block_init is referencing 0x13579753 constant, so it should be possible to look for that constant with search and then find the function as well.
Alternatively, you can also try looking for the string references, for example for the "key data is not matched" on my screenshot above. If you find this string in Ghidra, and do "find functions referencing this data", you may find sf_protected_block_init (of course, under FUNC_xyz name, as it has no label)

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#48 21483650 17 Mar 2025 13:01

divadiow divadiow

Level 35

Helpful post? (0)

Post #48
21483650 17 Mar 2025 13:01

not been able to get any references found for anything so far

eg the one you mention
#49 21483677 17 Mar 2025 13:23

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #49
21483677 17 Mar 2025 13:23

Here's a brief tutorial on how I do it.
1. Click search:

2. Choose "Memory":

3. Enter 0x13579753 and search:

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#50 21484132 17 Mar 2025 19:59

divadiow divadiow

Level 35

Helpful post? (0)

Post #50
21484132 17 Mar 2025 19:59

Yes. Cheers, I did do a memory search in the course of things but later hit a wall and haven't progressed further yet.

Added after 32 [minutes]:

what was your base address btw?
#51 21484240 17 Mar 2025 20:25

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home
Topic author Helpful post? (0)

Post #51
21484240 17 Mar 2025 20:25

My sample was made on tuya_iot library from BK7231 SDK. The one with function names, not the flash dump.

I've tried your compiled Ghidra on Ubuntu and it seems I'm stuck.

Look:

Font blinks and only like 1% of text is visible...
I've tried so far:
https://github.com/NationalSecurityAgency/ghidra/issues/212

I'm on:
Code: text Expand Select all Copy to clipboard
lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 24.04.2 LTS Release: 24.04 Codename: noble

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#52 21484253 17 Mar 2025 20:32

divadiow divadiow

Level 35

Helpful post? (0)

Post #52
21484253 17 Mar 2025 20:32

p.kaczmarek2 wrote:
My sample was made on tuya_iot library from BK7231 SDK. The one with function names, not the flash dump.

ah yes, of course.

p.kaczmarek2 wrote:
Font blinks and only like 1% of text is visible...

oh. hmm. um. I RDP into my Ubuntu, could try that rather VM console (assuming that's how you're viewing it)
#53 21484286 17 Mar 2025 20:46

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #53
21484286 17 Mar 2025 20:46

It's a virtual machine

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
Helpful post

#54 21487526 20 Mar 2025 09:24

divadiow divadiow

Level 35
Helpful post? (+1)

Helpful post
Post #54
21487526 20 Mar 2025 09:24

Windows

Attachments:

ghidra_11.1.2_DEV_20250320_win_x86_64.zip Download (396.43 MB)
#55 21488603 21 Mar 2025 00:15

divadiow divadiow

Level 35

Helpful post? (0)

Post #55
21488603 21 Mar 2025 00:15

im still fiddling
#56 21488793 21 Mar 2025 08:56

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #56
21488793 21 Mar 2025 08:56

Nice, how did you manage to compile it? I'll check this out once I get some free time. Hopefully today.

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#57 21488820 21 Mar 2025 09:20

divadiow divadiow

Level 35

Helpful post? (0)

Post #57
21488820 21 Mar 2025 09:20

p.kaczmarek2 wrote:
Nice, how did you manage to compile it?

Ghidra? The main culprit was this https://github.com/NationalSecurityAgency/ghidra/pull/6610 so overwrote those two affected files
#58 21489129 21 Mar 2025 12:36

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #58
21489129 21 Mar 2025 12:36

It seems we indeed need to figure out a way to get proper addressing, base address and flash start. I've tried to use the partition table from the start of the file (0x9000), but no luck yet.

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
#59 21490730 22 Mar 2025 19:16

divadiow divadiow

Level 35

Helpful post? (0)

Post #59
21490730 22 Mar 2025 19:16

giving these a spin

https://github.com/8051Enthusiast/allyourbase
https://github.com/soyersoyer/basefind2

Code: Text
Log in, to see the code
#60 21490745 22 Mar 2025 19:31

p.kaczmarek2 p.kaczmarek2

Moderator Smart Home

Topic author Helpful post? (0)

Post #60
21490745 22 Mar 2025 19:31

I've tried the first one you gave and it seems correct?

Added after 2 [minutes]:

but not all match?

I am creating multiplatform open source firmware (Tasmota replacement), right now supporting BK7231T, BK7231N, XR809, BL602, W800, W600, LN882H and soon supporting RTL and W701:
https://github.com/openshwprojects/OpenBK7231T
If you like my work, support me at: https://paypal.me/openshwprojects

Helpful post? Buy me a coffee.
Create an account, log in and become active in a forum and ads will not appear. You will receive points by participating in discussions.
Join this discussion.

Install the application

Reply Cool? Ranking DIY | New topic

Notify about new articles

📢 Listen (AI):

Report a violation of the law

Topic summary

The discussion focuses on the Eswin ECR6600 WiFi+Bluetooth SoC module used in IoT devices, particularly smart plugs with integrated BL0937 energy metering chips. Key topics include detailed pinout configurations, firmware flashing procedures via UART, and local firmware development to enable cloud-free operation with Home Assistant using Tasmota/esphome-like firmware ports. Users report initial issues with the BL0937 driver not functioning due to its exclusion from firmware builds, which was later resolved by including the driver and verifying correct pin assignments. Attempts to extract and decrypt Tuya configuration keys from original firmware backups reveal challenges due to changed secondary keys and CRC errors, complicating full firmware analysis and key extraction. The community explores using Tuya Wind IDE on Linux for SDK access, and reverse engineering efforts with Ghidra face difficulties due to the ECR6600’s NDS32 architecture and base address uncertainties. Firmware disassembly and key extraction are ongoing, with partial success in identifying key material and decrypting some blocks. Additional tests confirm the ECR6600 supports WiFi 6 (2.4 GHz only) and HTTP GET/POST commands for local network control, including file downloads via HTTP client functionality. Integration efforts include porting missing HAL functions like hal_machw_time and lwip_close_force for timing and socket management. Various ECR6600-based devices, including plugs ordered from AliExpress (e.g., TNCE 16A power monitors and E103-W11 modules), are tested for firmware backup, flashing, and local control capabilities. The discussion also covers SDK build issues, firmware memory mapping, and the need for improved tooling and documentation to fully support ECR6600 development and integration with open-source platforms.
Summary generated by the language model.

Home page
/
Forum
/
Smart Home
/
Smart Home IoT
/
Smart Home Guides
/
Eswin ECR6600 flashing guide, datasheet, pinout, 100% local setup, Home Assistant

FAQ

TL;DR: You can fully back-up and re-flash any ESWIN ECR6600 module with only VCC, GND, TX0 (IO6) and RX0 (IO5); no “GPIO0” strap is required. Use RDTool, load the 16 kB stub at 0x10000, then dump up to 4 MB of flash in ≈90 s. The chip’s 2.4 GHz radio delivers +17 dBm and even speaks Wi-Fi 6/802.11ax [Elektroda, p.kaczmarek2, post #21479963]

Quick Facts

• SoC: Andes D10 @160 MHz, 512 kB SRAM, on-chip 2 / 4 MB QSPI flash [Elektroda, p.kaczmarek2, post #21479963]
• RF: 2.4 GHz 802.11 b/g/n/ax, +17 dBm Tx, BLE 5.0 +10 dBm [Elektroda, p.kaczmarek2, post #21479963]
• Pkg / modules: QFN40 5×5 mm (-40 D), QFN32 4×4 mm (-TSx), used in AXY2S, WG236, E103-W11 [Elektroda, p.kaczmarek2, post #21479963]
• Flash/UART pins: TX0 = IO6, RX0 = IO5, BOOT-log = IO13, Reset = CEN [Elektroda, p.kaczmarek2, post #21479963]
• Flash tool: RDTool v1.0.21, stub = ECR6600F_stub_V1.3.1.bin, begin 0x10000 [Elektroda, p.kaczmarek2, post #21479963]

What exactly is the ESWIN ECR6600?

ECR6600 is a 2.4 GHz Wi-Fi 6 and BLE 5.0 combo SoC built around an Andes-D10 core at 160 MHz. It integrates PA/LNA, 512 kB SRAM, hardware AES-256, TRNG and either 2 MB or 4 MB QSPI flash [Elektroda, p.kaczmarek2, post #21479963]

Which ready-made modules carry the ECR6600?

Confirmed modules include Tuya AXY2S/AXYU (CB2S-style), SkyLab WG236 (ESP-12 footprint), CDI-WX56600A and Ebyte E103-W11. All expose TX0 (IO6) and RX0 (IO5) on edge pads [Elektroda, p.kaczmarek2, post #21479963]

How do I enter the UART flashing mode?

Connect 3.3 V, GND, IO6→USB-TTL RX, IO5→USB-TTL TX and optionally RST. Start RDTool, click Start, then pulse RST (or power-cycle). No special boot-strap pin is needed; timing is within ~1 s after reset [Elektroda, p.kaczmarek2, post #21479963]

How can I back-up the factory firmware?

In RDTool choose Develop Tool → Single File. Load the 16 kB stub (ECR6600F_stub_V1.3.1.bin) at start-up address 0x10000, then switch to Flash tab and read 0x400000 bytes (4 MB) or 0x200000 for 2 MB parts [Elektroda, p.kaczmarek2, post #21479963]

How do I restore a full dump if something goes wrong?

Use the same Single File tab: select your backup BIN, set Begin Addr 0x0, tick “is download”, click Start, then reset the board. RDTool sends stub and image automatically [Elektroda, divadiow, post #21480971]

How do I flash OpenECR/OpenBK firmware?

Pick the latest all-in-one UART binary from the GitHub releases page, go to Develop Tool → All-in-One, click Start and reset the module. On reboot it opens an AP for web configuration just like Tasmota [Elektroda, p.kaczmarek2, post #21479963]

What pin mapping is needed for BL0937 energy plugs?

Typical EU smart plug uses IO14→CF, IO15→SEL, IO20→CF1, IO25→Relay and IO24→Button [Elektroda, spectrality, post #21481109] With the fixed driver build the meter reports Voltage, Current and Power correctly [Elektroda, insmod, post #21481313]

Does the chip really support Wi-Fi 6?

Yes. The radio claims 802.11ax HE20 single-stream support (“DCM, MCS7”) at +17 dBm, but only on 2.4 GHz; 5 GHz is not available [Elektroda, p.kaczmarek2, post #21479963]

Can I use HTTPS requests from scripts?

Not yet. The current HTTPClient in OpenBK for ECR6600 only handles plain HTTP. For secure endpoints use MQTT/TLS from an external bridge [Elektroda, p.kaczmarek2, post #21594735]

Will repeated SendGet events leak sockets or RAM?

No. A stress test toggling another device every second showed stable free heap (~188 kB) and only two open sockets after each cycle [Elektroda, DeDaMrAz, post #21594690]

How big is the flash and how do I check?

Run a 4 MB read first; RDTool prints “FLASH is not enough!” if the part is 2 MB. The size is also listed in the module datasheet, e.g., WG236 is 4 MB [SkyLab WG236 datasheet].

Can I still extract Tuya JSON config?

Not reliably. The usual BK7231 key set fails because ECR6600 uses a different secondary key; current tools stop after the first block [Elektroda, p.kaczmarek2, post #21481736]

Where can I download the official TuyaOS SDK?

Tuya Wind IDE lists it as “eswin_ecr6600_wifi-ble-tuyastack”; direct URL examples: …/pruduct/eswin_ecr6600_1.0.23.zip [Elektroda, divadiow, post #21481466]

Does the ECR6600 allow 5-GHz Wi-Fi?

No. Only 2.4 GHz is implemented. For dual-band 802.11ax consider ESP32-C5, the sole low-cost 2.4 / 5 GHz IoT SoC as of 2025 [Espressif Datasheet ESP32-C5, 2024].