Vital-Go is a wearable health monitor firmware project for the ESP32-C3. This repository is currently focused on stable AP-based provisioning, secure device-backend integration, and end-to-end sensor ingest.
- Core target: ESP32-C3 DevKitM-1
- Current provisioning flow: WiFi AP web portal
- Bluetooth status: removed from current firmware for performance and memory savings
- Backend integration: secure HTTP/HTTPS device auth and ingest
- Key focus: implementation accuracy, production-hardening, and security documentation
- AP provisioning web server on
192.168.4.1 - Secure WiFi and device credential storage in NVS
- Device heartbeat, telemetry, and sensor ingest over backend API
- Deep sleep and power management support
- USB CDC serial console and debug logging
- PlatformIO build setup with Bluetooth stack disabled
- Sensor simulator / sensor data ingest path
- Battery monitoring and diagnostics
- OTA check interval support
- Configurable timing, retries, and debug flags
- Encrypted AP provisioning layer using device-specific secrets
- HTTPS-ready backend settings in documentation
- Device authentication and ingest-ready payloads
- Security design references in
docs/security/
| Area | Status |
|---|---|
| AP provisioning Web Portal | ✅ Implemented |
| WiFi STA connection | ✅ Implemented |
| NVS credential persistence | ✅ Implemented |
| BLE provisioning | ❌ Removed / deferred |
| MQTT | |
| Backend ingest flow | |
| Security hardening | ✅ Ongoing |
git clone https://github.com/AuralenX/Vital-Go-IoT-Device.git
cd Vital-Go-IoT-Devicecp config/config.h.template config.h
cp config/secrets.h.template secrets.hpio run --target upload --upload-port COMxpio device monitor --port COMx -b 115200If WiFi fails, the device enters AP provisioning mode automatically. Connect to the AP and open the provisioning portal at:
http://192.168.4.1
Use the form to enter:
device_id(UUID provisioned in backend)device_passwordWiFi SSIDWiFi password
ESP32-C3 Device
├─ WiFiManager (STA + AP fallback)
├─ CryptoUtils (provisioning encryption)
├─ DeviceAuthClient (JWT auth)
├─ IngestClient (sensor heartbeat + telemetry)
└─ NVS storage (credentials + state)
Backend API
├─ HTTPS / JWT authentication
├─ ingest endpoint
└─ device state tracking
Vital-Go-IoT-Device/
├── platformio.ini # PlatformIO build config
├── src/ # Firmware source code
│ ├── config/ # Device configuration and secrets
│ ├── connectivity/ # WiFi, auth, ingest clients
│ ├── core/ # Application core logic
│ ├── sensors/ # Sensor interface and simulators
│ ├── storage/ # NVS and persistence utilities
│ ├── system/ # Power + diagnostics
│ └── utils/ # Crypto, timing, LED helpers
├── docs/ # Documentation and guides
├── certificates/ # TLS certificate artifacts
├── tools/ # Build, provisioning, and verify utilities
├── test/ # Firmware test sketches
├── TODO.md # Implementation roadmap
├── progressOverview.md # Current project progress
└── README.md # This file
docs/README.md— Documentation indexdocs/device/CONNECTIVITY.md— Device connectivity and provisioning flowsdocs/security/IMPLEMENTATION_GUIDE.md— Secure provisioning and backend setupdocs/security/SECURITY.md— Security architecture, threats, and mitigationsdocs/security/SUMMARY.md— Current security status and checklist
Edit the copied configuration files before running the device:
config/config.h— device behavior, WiFi settings, debug flagsconfig/secrets.h— backend URL and secret values
Note:
src/config/config.hcurrently defines AP provisioning defaults:WIFI_AP_SSID="Vital-Go Device"WIFI_AP_PASSWORD="vitalgo123"
This firmware is built for PlatformIO using the ESP32 Arduino framework.
pio run
pio run --target upload --upload-port COMx
pio device monitor --port COMx -b 115200Bluetooth is disabled in platformio.ini with:
-DCONFIG_BT_ENABLED=0
-DCONFIG_BLUEDROID_ENABLED=0- Current provisioning is AP-based with encrypted payload support.
- BLE provisioning and BLE stack are not enabled in this branch.
- Backend HTTPS/TLS integration is documented in
docs/security/IMPLEMENTATION_GUIDE.md.
MIT License. See LICENSE for details.