[CNLohr] needs no introduction around these parts. He’s pulled off a few really epic hacks. Recently, he’s set his sights on writing a simple, easy to extend library to work with the HTC Vive VR controller equipment, and in particular the Watchman controller.
There’s been a lot of previous work on the device, so [Charles] wasn’t starting from scratch, and he live-streamed his work, allowing others to play along. In the process, two engineers who actually worked on the hardware in question, [Alan Yates] and [Ben Jackson], stopped by and gave some oblique hints and “warmer-cooler” guidance. A much-condensed version is up on YouTube (and embedded below). In the links, you’ll find code and the live streams in their original glory, if you want to see what went down blow by blow. Code and more docs are in this Gist.
In the end, it all ended up being a lot of hard work because the Watchman controller needs to send its orientation and accelerometer data wirelessly, and this means compressing a lot of data down into a tiny trickle. All possible tricks were used, including variable-length fields where one bit indicates whether the next byte still belongs to this sample or the next, and packing the data into a frame from both ends. We see why figuring out the protocol drove [Charles] nuts! His dissection begins ten minutes into the summary video.
Besides the hints, the community involvement, and sheer persistence, [Charles] was also helped by being able to generate his own data. Instead of relying on the placement of the device in space, an AVR blinked IR LEDs into the controller to generate known timing deltas. Remember this general technique if you’re reverse engineering anything.
We think the Vive is very cool, and we’ve covered hacks into it before. From [Trammell Hudson]’s early hacks to this recent jaw-dropping drone orientation demo, hackers have been figuring out how to use the Lighthouses on their own. Now [CNLohr] (and the community) have decoded one of the last remaining parts of the OEM hardware. Woot!