feat(unitree): forward aes_128_key to WebRTC driver for G1 firmware >=1.5.1#2117
feat(unitree): forward aes_128_key to WebRTC driver for G1 firmware >=1.5.1#2117mihai-chiorean wants to merge 1 commit into
Conversation
…=1.5.1 Unitree G1 firmware 1.5.1 added a data2=3 WebRTC handshake that requires a per-device AES-128 key (fetched from Unitree cloud once via `unitree-fetch-aes-key --email YOU --sn <serial>`). The upstream `legion1581/unitree_webrtc_connect@v2.1.1` accepts this via the `aes_128_key=` kwarg; without it the handshake fails with `RSA key format is not supported` from pycryptodome reading ciphertext bytes. `UnitreeWebRTCConnection.__init__` now accepts an optional `aes_128_key` kwarg and falls back to the `UNITREE_AES_128_KEY` environment variable so existing call sites do not need to change. When the value is unset the call to `LegionConnection` is byte-identical to the previous behaviour, so this is a no-op for G1 firmware <1.5.1 and for Go2. Verified against a Unitree G1 EDU+ on firmware 1.5.1.1 via `dimos run unitree-g1-basic` - the WebRTC handshake on 192.168.123.161:9991 succeeds with UNITREE_AES_128_KEY exported and reproduces the `RSA key format is not supported` failure without it.
Greptile SummaryThis PR wires an optional per-device AES-128 key through
Confidence Score: 5/5Safe to merge; the change is additive, fully backward-compatible, and correctly guarded so existing callers see no behavioural difference. The diff is small and self-contained: one new optional parameter with a truthiness guard, an env-var fallback, and a **extra splat that produces an empty dict when the key is absent. The only follow-up worth noting is that the two higher-level G1 module configs don't yet expose aes_128_key declaratively, but that is an ergonomic gap, not a defect — the env-var path works for all existing call sites. No files require special attention; dimos/robot/unitree/g1/connection.py and dimos/robot/unitree/g1/effectors/high_level/webrtc.py could optionally grow aes_128_key config fields as a follow-up. Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[UnitreeWebRTCConnection.__init__ called] --> B{aes_128_key kwarg provided?}
B -- Yes --> D{key non-empty?}
B -- No --> C[Read key from environment]
C --> D
D -- Yes --> E[extra = aes_128_key kwarg dict]
D -- No --> F[extra = empty dict]
E --> G[LegionConnection with key forwarded]
F --> H[LegionConnection unchanged call]
G --> I[self.connect]
H --> I
Reviews (1): Last reviewed commit: "feat(unitree): forward aes_128_key to We..." | Re-trigger Greptile |
|
reason for legion client fork is that unitree-webrtc-connect-leshy had a more efficinet lidar data parser and we had some issues with aiortc package pinning and had to fork it as well legion1581/unitree_webrtc_connect@master...leshy:unitree_webrtc_connect:master for FDEs (or anyone else here in the thread:) - we need to validate this on current g1s/go2s (ensure my lidar changes are now merged to legion client, transition to legion lib, test on our robots, make sure installation works, merge this) |
| self.stop_timer: threading.Timer | None = None | ||
| self.cmd_vel_timeout = 0.2 | ||
| self.conn = LegionConnection(WebRTCConnectionMethod.LocalSTA, ip=self.ip) | ||
| # Per-device AES-128 key required by G1 firmware >= 1.5.1 (data2=3 WebRTC handshake). |
There was a problem hiding this comment.
We could also include GO2 firmware 1.1.15 as it has the same issue and this should fix it for the GO2 too !
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
3 participants
Motivation
Unitree G1 firmware 1.5.1 introduced a
data2=3WebRTC handshake that requires a per-device AES-128 key. Without it the connection fails insideunitree_webrtc_connectwithRSA key format is not supported(pycryptodome trying to parse ciphertext bytes as an RSA key).The per-device key is fetched from Unitree's cloud once via
unitree-fetch-aes-key --email YOU --sn <serial>and then cached locally. The upstream driverlegion1581/unitree_webrtc_connect@v2.1.1accepts it through anaes_128_key=kwarg onUnitreeWebRTCConnection. The dimos wrapper atdimos/robot/unitree/connection.pynever forwarded it, so anyone on G1 firmware >=1.5.1 cannot use the dimos Unitree integration today.Change
UnitreeWebRTCConnection.__init__now accepts an optionalaes_128_key: str | None = Nonekwarg and falls back to theUNITREE_AES_128_KEYenvironment variable. The value is forwarded to the underlyingLegionConnectiononly when non-empty, so the call is byte-identical to the previous behaviour when unset.Verification
Tested on a Unitree G1 EDU+ (model string
G1_Edu+) at firmware 1.5.1.1. WithUNITREE_AES_128_KEYexported in the shell,dimos run unitree-g1-basicproceeds past the WebRTC handshake on192.168.123.161:9991and the robot accepts motion-switcher / wireless-controller commands as before. Without the env var, the same command reproducesRSA key format is not supportedand the handshake never completes — same behaviour asmain.No breaking change
The kwarg is optional and defaults to
None. The env-var lookup is opt-in (only consulted when the kwarg isNone). Callers on G1 firmware <1.5.1 and all Go2 robots see no behavioural change — the**extrais empty and theLegionConnectioncall is byte-identical to the old one.Optional follow-up (not in this PR)
pyproject.tomlcurrently pinsunitree-webrtc-connect-leshy>=2.0.7. Theaes_128_keykwarg + the_decrypt_data1_v3path that consumes it landed inlegion1581/unitree_webrtc_connect@v2.1.1. Ifunitree-webrtc-connect-leshyis a downstream rebuild of that repo and is already on >=2.1.1, no change is needed and this PR is enough on its own. If it's still tracking 2.0.x, the dep will also need to be bumped (e.g. via[tool.uv.sources]pointing atgit+https://github.com/legion1581/unitree_webrtc_connect.git@v2.1.1). Happy to follow up in a separate PR if maintainers confirm the situation.