Ever been looking for your keys, and wanted to call them, before you realize that they are hideously analog pieces of metal? Or wanted to let someone into your house when you’re not at home, without having to lend them your keys?

Lockitron was the solution that descended from hardware heaven – a device that fits over the lock on your door and that is controlled via an app. It raised $2.2M on Kickstarter but missed its original shipping deadline by 1.5 years, leaving its backers in a deadlock (pun!).

Are you one of them? Stop glaring at your empty mailbox and channel all your frustration into making your own awesome smartphone connected lock – The Bean Lock.

The Bean Lock is built around an electronic wireless deadbolt and is controlled by the LightBlue Bean. The LightBlue Bean is an Arduino compatible microcontroller that is programmed wirelessly over Bluetooth Low Energy so that you can reprogram it even after you have built it in to your project. The lock is opened using the iOS application LightBlue that lets you send serial data to the LightBlue Bean without having to build your own app.

Steps

Advertisement

Step #1: Get the parts

PrevNext
Open Source Bluetooth Door Lock

Step #2: Modify the lock

PrevNext
Open Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door Lock

Open up the lock and dismantle the metal plate shown in the photo. The deadbolt we picked uses a motor to slide it in and out of position, with a small switch that indicates when it’s locked. You will need to cut almost all wires and electronics from the lock. The only things you need to keep are the motor, position switch and the battery pack.

Step #3: Connect the LightBlue Bean

PrevNext
Open Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door Lock

The Bean cannot operate at the same voltage as the motor, so we need to use a voltage regulator to step down battery voltage for the LightBlue Bean to 3.3V.

Solder the legs on the voltage regulator to the perfboard and connect the two capacitors to the voltage regulator.

Step #4: Power the voltage regulator

PrevNext
Open Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door Lock

Solder a wire from GND to the far left leg of the voltage regulator and another from BAT to the middle one.

Step #5: Connect motor controller board

PrevNext
Open Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door Lock

We need a motor controller board to control the electronic deadbolt motor. This is how you wire it:

Motor Controller Pin
STBY Pin 3 on Bean
AIN1 Pin 0 on Bean
AIN2 Pin 2 on Bean
PWMA Pin 1 on Bean
VCC BAT on Bean
GND GND on Bean
VM Battery Pack
A01 Lock Motor
A02 Lock Motor

Step #6: Connect lock position switch

PrevNext
Open Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door Lock

There are two wires going to the lock position switch. Solder one of them to ground and the other one to pin 5 on the LightBlue Bean.

Take a step back and admire the snake pit of wires you just created.

Step #7: Finished wiring

PrevNext
Open Source Bluetooth Door Lock

Boom! This is what the wiring should look like now. Good job. We are proud of you.

Step #8: Screw it back together

PrevNext
Open Source Bluetooth Door Lock

Put the LightBlue Bean and the motor controller board in the lock, screw the metal plate back on and slide the case back on. Don't forget to put in the batteries!

Step #9: Code

PrevNext
Open Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door Lock

To open the lock, we will use the app LightBlue. It has a section called the Sandbox, that lets you control the LightBlue Bean without having to program your own iOS app. When the LightBlue Bean receives a serial message, it checks the bytes received against the keycode saved inside the sketch. If the keycode matches the buttons pressed in the sandbox, the Bean Lock will unlock or lock. Get the code from GitHub.

Also, remember to add a pincode to your Bean to prevent other people from reprogramming it.

Step #10: Put it in your door

PrevNext
Open Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door LockOpen Source Bluetooth Door Lock

You know how birds push their kids out of the nest to teach them how to fly? That is what we're doing to you now. Every door is (more or less) unique and you'll need to figure out how to put the lock in your door by yourself. But the lock comes with pretty straightforward instructions so you should be fine. Just flap and believe in yourself.

Birds are mean. Sorry.

Conclusion

Security flaws

The Bean Lock would be a terrible lock if it were hackable enough to let people right into your home. Until you can be sure this is secure, we wouldn’t recommend you replace your home’s standard deadbolt with the Latch. One suggestion we have for making the Latch a secure IoT device is to add shared-key encryption. If you used the Bean SDK to build an iPhone app to lock and unlock your door, you could add an AES encryption library to your Arduino and iPhone app code. Then you could implement a challenge-response system:
  • The iPhone app sends a request to unlock the door.
  • The Bean receives the request, then sends a challenge code (a random string of bytes) back to the app.
  • The app encrypts the challenge code with the shared key, then sends the encrypted challenge code as its response.
  • The Bean decrypts the encrypted response with the shared key and verifies that it matches the original challenge code. This proves that the iPhone has the same shared key and is an authorized device.
  • The Bean opens the door lock!

If you are using something small, like a 5-digit pin instead of a 128-bit key, an attacker could decide to brute-force your lock by trying every combination, one after the other. If you include a lockout – turn off the lock for 60 seconds after 3 incorrect codes are entered, for example – brute-forcing the lock’s combo would be too time-consuming to be practical.

The Bean was designed to be very easy to program, but in the case of a lock, you may not want your neighbors having the same access as you have. To avoid this, we have added pincode protection to the latest firmware release. It will prevent anyone without the pincode from reprogramming your Bean.

If you want to be even safer, you can keep the BLE module from reprogramming the on-board Arduino by cutting the trace linking the reset line on the Arduino to the BLE module. Without the reset line, the LBM313 module can’t reset the Arduino chip for reprogramming. Optionally, you could solder a switch to this line, so only someone with physical access to the inside of the lock is able to reprogram the Bean.

What’s next?

This is only a prototype and not a secure solution yet. But we are sure that it can be developed further to work just as well as commercially available smartphone controlled locks, like the Lockitron. Make sure to post in the BeanTalk forum if you have any questions, ideas or contributions you want to share. We love reading what you’re up to!

Simone Giertz

Simone Giertz

Hyper Island student from Sweden who realized that hardware hacking was much more fun than data strategy. Now interning as a creative technologist at Punch Through Design.


  • FlyAway

    Nice project but the Bean is far too expensive… $45 shipped

    • Only for international shipping! Which we all know is expensive!
      Try going through amazon for better shipping rates http://www.amazon.com/Punch-Through-Design-LightBlue-Bean/dp/B00LU46NLA/

    • I await your cheaper version! ;)

    • Simone

      $45 with international shipping, yes! Nonetheless $30 is pretty competitive pricing for a microcontroller like this…

      • FlyAway

        No, $30 is very expensive for this considering you can get an Arduino off eBay for $5. Nice device, albeit priced out of market success range for now.

        • Simone

          But you would still need a BLE shield to go with that…

          • SpaceM

            Not to mention the differences in form factor, on-board accelerometer, built-in easy to use Bluetooth library, etc.

        • bdw

          Arduino doesn’t come with bluetooth though…. although a quick search shows that a bt module is another $10 shipped…

        • I’m not entirely convinced that you can equate a new boxed micro controller with built in Bluetooth LE, with a dodgy second hand Arduino clone on eBay..?

          • FlyAway

            The eBay versions are just as good as anywhere else. I’ve purchased tens of them and they all work exactly as advertised and none have ever failed. I don’t care about it being “boxed”, which is a waste of packaging and money.

  • dbell5

    “You know how birds push their kids out of the nest to teach them how to fly?”
    And here I expected you to tell us to change the lock code without telling those pesky (mostly-grown) kids!
    Nice project!

  • Would it not be easier AND more secure to simply hack the remote control to simulate a button press?

    • The easiest method is to simply buy official remotes for everybody and have them use the hardware remotes. Reasons not to use the remote: 1) you are too lazy to press the button and 2) you don’t want to rely on your phone 3) you don’t want to press a button.

      All three reasons applied to me, so I used RFID to unlock my deadbolt. It goes through the remote though, and this is a problem because sometimes it the remote is unreliable. It works 98% of the time. the remaining 2% is very annoying when it happens.

      If you would like details, you can read my blog post here: speedysignals.wordpress.com/2014/05/26/electronic-door-lock-evolution/

  • Sathees K.

    I just saw this project..well done! I have a question. U don’t have to use the motor controller board if the electric lock might work with 3v, right?

  • venu

    i have one project consept in entrance gate open and close control with bluetooth, but idon’t have bluetooth devoice