I modified the source files for the Pico W a bit and got it to work on my ESP32. Most changes are minimal invasive, but I did have to remove the keyword-arguments for the socket.wrap_socket call in async_websocket_client.py that provided the SSL certificate, and , I’m unsure if this has an effect on security.
I tested it on a Devkit V1 with Mircopython v1.20.0
Here’s the link to the Github Repository with the modified code.
Some difficulties I’ve experienced were:
After an exception was thrown, I had to run boot.py again, it seems the ESP32 resets itself and losses the Wi-FI connection.
Sometimes the ESP32 got stuck in thonny, the async code was throwing errors, but the file itself kept running. For some reason neither a KeyboardInterrupt or the Stop button in thonny help reliably, after a while of randomly hitting CTRL-C and the Stop button I got it to stop and was able to fix the error in the file (files can’t be modified while code is running).
2 Likes
For some background, the reason why the anvil pico code available as a full working image for the RP2040 is that they had to upgrade the TLS version incorporated into micropython.
I don’t follow the micropython repo, so I am unsure if the changes they made ever made it into micropython, or if TLS was upgraded in a way that was different from the changes the Anvil team had to make to create a secure uplink connection. (Maybe the reason for the incompatible kwargs ?)
Actually I don’t know if TLS was updated at all in micropython.
To be clear, yes, this affects security quite badly. Anyone on the network between you and Anvil could intercept the connection and steal your uplink key and everything you transmit on that connection. @ianbuywise’s comment has more context – we did indeed need to modify Micropython to support certificate validation and achieve acceptable levels of security.
That’s very good to know, the projects I do with it don’t involve any sensitive data, but it’s good to know for others who would consider using an ESP32 instead of a Pico W.
Is it possible to get an insight on what things were modified in regards to TLS/SSL? I’d be interested in modifying the Micropyton firmware to properly support the certificates on the esp32.
I’m not sure if this is correct, but it might get you pointed in the correct direction.
I know much of the work for the pico was done by @daviesian , and I found this on his github if you want to poke around:
Also:
This would be a great help to the anvil community imo, there are many homebrew imbedded devices that work with esp32 that were designed before the pico existed, and being able to put anvil on them would really supercharge their usefulness.