I just got a bunch of kilo vault 3600 HLX batteries and I was able to get the original app that’s unlocked as the company has gone out of business. So I can read the information off the batteries through the app. I ran a Bluetooth low energy scan to read the raw data, and I think I’ve found what would be the stream for all the data points. Everything else seems to just be static values and a few writable IDs that just return enabled or disabled. And then of course all the hardware IDs and description items. I’m wondering if anybody can help me make sense of the data that’s coming out, I feel like there’s probably some pattern or just raw values that I’m missing.
The plan is to use an ESP32 to actually scan and pull the data into home assistant so I can build automations based on the battery statuses. I can read the data using the ESP 32 already, I just need to figure out how to decode it.
I’m trying to avoid using the physical connections, they are being mounted on an RV and they are not out in the open, but in a bay that’s not completely air tight. And the RJ45 connectors are not water tight without the covers.
anyway do over rs485 more simple. in case with bluetoot you still need some adapter, but doing over BTLE - more hard due specific. if you want use esp32 - you can just connect to him uart to rs485 cheap module. here is alot projects for DIY that adapters
with BTLE you heed decode not just query-answer, but btle specific prefixes and protocols. at start of my project - im try to do over BT, and then rerol to wired conection, im even dissassemble native BT app and understand what thats noway to do. at first if we remove at all another work logic - BTLE connection less stable and slow
from what im start at all - sniffing query-answers over rs485 from native vendor service software, looking for sames, find technical prefixes and suffixes in answer strings, then trying found in answer bytes hex pairs what equal to known decimal values like block voltage, cells voltages… most difficult was finding temperature sensors and doing formulas for recount obtained hexadecimal values into celsium degreeses. first simple tries was like send known string - get some answer, and by time project get first Rest api in python web service what was readable by HA and more and more, and after im couple times revork whole code with new features and more modern api over mqtt, but start logic still same like on start - query-answer-parse
I have the data stream, it was not hard to find, just decoding the stream was all I needed. I would need to do the same thing over RS485. As I said, getting the data is not a problem, that was easy. Decoding it is the tricky part.
packets different. over rs485 and bt. in bt datapackets covered into btle thing and NOT raw hex data like over rs485. for understanding - BT reciever its just dongle connected to rs232 or rs485 port on BMS board. so you sure can try to do pervert double convertations with packets… and after time became to way connect directly to bms board, without that BT whistle, like im done ))) how i say at my start - i try over bt… and understand what here is more simple ways
I mean what you catch over bluetooth,and what that bluetooth dongle send-recive to bms over his wire - differrent at all data. So you sure can try decode bluetooth layer, but more easy do it directly on bms rs485 interface
Now see, sometimes I think GitHubs search is just for looks. I spent all day scowering projects using kilovault and never found that first one! Its exactly what I want to do, and is decoding that data stream I posted above.
Which is exactly what I needed, seems the ESP32 might be a little under powered to work reliably, but it does work and decodes everything perfectly between crashes.
You wellcome ! I know what a pain decode protocol from nothing ) Im waste very much time for looking some similar for my batteries, but not found any at all
What the original developer actually did was use an ESP32 to emulate the data from one of his batteries, and then connected to it in the official app. Then he could change values one at a time and watch what changed in the app. Pretty interesting was to reverse engineer.
