ESP32 Forum

Hi,

I'm working on auto-reconnect feature of two BLE devices. And I'm not sure how to safely do it.

From salve side, I kinda get it: broadcast using and make it only whitelisted device connectable. But question is, if we use RPA(resolvable private address), is it still necessary to make it only connectable by whitelisted devices?

From master side, if I scan and see a device, how do I make sure I only connect to only bonded devices? If I see the address is RPA and can be resolved to match a public address in my bonded list, can I say it's safe to connect? Can a device fake or repeat a RPA?

thanks

Malcolm

Hi,
i think you could use this (from bluetooth core specs):

12.4 CENTRAL ADDRESS RESOLUTION
The Peripheral shall check if the peer device supports address resolution by
reading the Central Address Resolution characteristic before using directed
advertisement where the initiator address is set to a Resolvable Private
Address (RPA).
The Central Address Resolution characteristic defines whether the device
supports privacy with address resolution. See Table 12.7.

12.5 RESOLVABLE PRIVATE ADDRESS ONLY
The device shall check if the peer will only use Resolvable Private Addresses
(RPAs) after bonding by reading the Resolvable Private Address Only
characteristic.
The Resolvable Private Address Only characteristic defines whether the device
will only use Resolvable Private Addresses (RPAs) as local addresses. See
Table 12.8.

But im not sure if this is supported yet (i think it is). There is more. You want to be sure that slave device is the one you are paired with, so you can use scan parameter:
https://docs.espressif.com/projects/esp ... ST_PRA_DIR