ltchiptool-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@ltchiptool-mcpdump flash from BK7231 on /dev/ttyUSB0"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
ltchiptool-mcp
MCP server wrapping ltchiptool and bk7231tools for chip-level firmware extraction. Drives the BK7231 family (Tuya/IoT plugs) over UART, dumps full flash, decrypts and extracts partitions. Exposes operations as Model Context Protocol tools over stdio transport.
Built for use with Claude Code on a Raspberry Pi 5, but works with any MCP client and any USB-UART substrate.
What it does
Chip info: detect chip type, bootloader, MAC, flash size, and per-chip encryption key
Flash dump: full encrypted flash read via UART (yank-restore HITL for the connect window)
Partition extraction: decrypt + dissect into bootloader / app / storage JSON
Discovery: look up boards in ltchiptool's catalog (CB3S, WB3S, CUCO-Z1-N, etc.) to map module silkscreen to chip family
Substrate-agnostic: any USB-UART path works (FT232, BP6 bridge mode, etc.). External 3.3V supply recommended for BK7231 (BP6 onboard PSU trips on inrush).
Related MCP server: Frida Game Hacking MCP
Requirements
Python 3.11+
User in
dialoutgroup for serial access (sudo usermod -aG dialout $USER)A USB-UART dongle (FT232 or similar) and an external 3.3V supply (lab PSU, regulated buck, or Pi GPIO header pin 1)
Install
git clone https://github.com/mplogas/ltchiptool-mcp.git
cd ltchiptool-mcp
pip install -e ".[dev]"bk7231tools is a transitive dependency of ltchiptool, no separate install needed.
MCP Client Configuration
Add to your .mcp.json:
{
"mcpServers": {
"ltchiptool": {
"command": "/path/to/.venv/bin/python",
"args": ["-m", "ltchiptool_mcp"],
"env": {
"PIDEV_ENGAGEMENTS_DIR": "/path/to/engagements"
}
}
}
}PIDEV_ENGAGEMENTS_DIR controls where standalone-engagement output is written. Defaults to ./engagements/ relative to the package root.
Tools
Tool | Safety Tier | Description |
| read-only | Operator instructions for yank-restore. No subprocess. |
| allowed-write | Run |
| read-only | Validate args, resolve output path, return operator instructions. |
| allowed-write | Run |
| allowed-write | Run family's dissect command. Decrypts + extracts partitions. |
| read-only | Strategy registry of validated families. |
| read-only | All boards ltchiptool knows about, each with vendor/product/family. |
prepare/start protocol
prepare_* and start_* tools come in pairs and are stateless. The natural agent flow:
Agent calls
prepare_chip_info(serial_port, family)-- gets operator instructionsAgent relays instructions to operator, waits for "ready"
Agent calls
start_chip_info(serial_port, family)with the same args -- runs ltchiptool
If the HITL window is missed, start_* returns {"error": "hitl_window_missed", ...} and the agent re-invokes start_* (no need to re-prepare). prepare and start are independently callable; calling start without prepare just skips the operator briefing.
Safety Model
Three tiers enforced at the MCP server boundary:
read-only: full autonomy, no side effects
allowed-write: autonomous execution, all calls logged
approval-write: reserved for future
flash writewrapper (no MVP tools)
ltchiptool's flash read and flash info cannot brick the chip -- they are read-only operations from the chip's perspective. The HITL primitive is timing, not safety.
Architecture
mitm-mcp client (Claude Code, etc.)
|
stdio transport
|
ltchiptool-mcp (server.py)
|
tools.py -> runner.py -> subprocess.run("ltchiptool ...")
-> subprocess.run("bk7231tools ...")
|
USB serial (UART) -> Target chiprunner.py is the only module that calls subprocess. Everything else routes through it. parsers.py handles text-to-dict for ltchiptool's table output and bk7231tools' container/storage output. families.py holds the per-family strategy registry.
Family scope
MVP: BK7231N + BK7231T (Tuya/IoT plug ecosystem, share the same yank-restore procedure).
The architecture supports any ltchiptool family. New families register a FamilyStrategy in families.py with their own ltchiptool_arg, HITL action description, dissect command, and parsers. We do not promise families work until we have target hardware to validate.
Tests
pytest # all unit tests
pytest -m hardware # integration, requires real BK7231 targetThe hardware tests are gated by pytest.mark.hardware and skipped by default.
Why a separate MCP from buspirate-mcp
ESP-class workflows depend on the BP6's bridge mode + esptool, so they live in buspirate-mcp. BK7231-class workflows do not -- the BP6 onboard PSU trips on Beken inrush, so external power is required, and the substrate is whatever USB-UART works. Decoupling the chip-family extraction from the BP6 substrate keeps both submodules focused.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mplogas/ltchiptool-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server