Valetudo

Cloud-free control webinterface for vacuum robots

View the Project on GitHub Hypfer/Valetudo

General

Newcomer Guide Early 2021 Supported Robots Capabilities Overview Rooting instructions Upgrading

Installation

Roborock OTA Viomi

Companion Apps

Valeronoi Lovelace Valetudo Map Card I can't belive it's not Valetudo node-red-contrib-valetudo Fun & Games Other Noteworthy Projects

Integrations

MQTT Home Assistant Node-RED openHAB

Misc

FAQ Frequently requested features Troubleshooting

Development

Building and Modifying Valetudo Valetudo core concepts MQTT

Knowledge Base

Supported Roborock Devices Supported Viomi Devices Supported Dreame Devices

Rooting instructions

This page contains an incomplete overview of installation instructions for various robots

Roborock

For more information, simply click on the link if there is one. Overall, things got harder as time went by.

OTA

The OTA rooting method is the easiest one requiring no disassembly. However, since Xiaomi disabled local OTA in newer versions of the miio_client (> 3.3.9), you might need to downgrade your firmware by factory resetting your robot.

Unfortunately, robots made after 2020-03 come with a non-local-OTA capable recovery firmware version so for those robots you will need to follow the instructions below.

This works by using the official OTA update mechanism to push a customized (rooted + valetudo) firmware image to the robot. It will happily accept that, because they aren’t signed. For more information, check out the talk Unleash your smart-home devices: Vacuum Cleaning Robot Hacking.

The procedure is documented here: https://valetudo.cloud/pages/installation/roborock-ota.html

This method applies to the following robots:

Vinda

The vinda file method unfortunately requires full disassembly of the robot as well as soldering some wires which will void your warranty.

In short, there’s a file called vinda which contains the root password XOR’d with 0x37. By dropping into the u-boot shell, you can use the ext4load u-boot command usually used for loading a kernel to load that file into memory and therefore read out the root password.

Then, you simply use an interactive shell via UART to achieve persistence.

Dennis made two videos explaining both disassembly as well as the actual root procedure. They can be found here: https://www.youtube.com/playlist?list=PL9PoaNtZCJRZc61c792VCr_I6jQK_IdSb

This method applies to the following robots:

Don’t be confused by the Video not mentioning your particular robot model. It’s the same procedure for all robots listed here.

Also, your robot might come with a newer firmware which doesn’t feature a vinda file. In that case, you’ll need to follow the instructions below.

Init override

Since there’s no vinda file on these robots/firmwares, the approach here is to drop into the u-boot shell and edit the kernel commandline so that init becomes /bin/sh which also gives you a rootshell, but requires you to quickly do some initializing, because otherwise the hardware watchdog will reboot the robot.

Furthermore, due to limited storage, the new firmware is actually streamed onto the device.

The disassembly process plus the testpoints used are the same as the vinda method above so make sure to watch those videos before attempting this.

The procedure is documented here: https://builder.dontvacuum.me/s5e-cheatsheet.txt

This method applies to the following robots:

Dreame

This section will be updated when there’s public root available.

Viomi

3irobotix is the manufacturer of vacuum robots sold under various brand names including

For now, only one vacuum robot is supported (WIP):

To install Valetudo on your Viomi V7, follow the instructions found here.

We’re currently looking into the possibility of reflashing other brands to Viomi so that they work with Valetudo without any additional code.