I’m quite new to the Blynk world but the possibilities has already caused my simple RGB control project escalate a bit… 
I would like to build a smartphone car key using Blynk and Bluetooth. The idea is to have a ESP32 installed in the car that can control windows, locks, etc.
I understand that no protocol is 100% secure which is why I’ll keep the stock key (with immobilizer) as fail safe. But at least I want to make sure I make it as secure as possible.
To me there is three main points of concern:
- App
- Communication protocol
- Blynk server
App: The auth token is great but its obviously not as secure as a password. Is there another way of only allowing commands from a certain device? I’m thinking maybe via mac adress validation? (A passphrase via terminal widget could be one solution, not very practical though) Any other ideas?
Communication protocol: I have not found any documentation on Bluetooth security and encryption. Which protocol is more sequre using Blynk, Bluetooth or BLE? Does Blynk use BLE 4.2?
Blynk server: What’s the role of Blynk server in Bluetooth applications? Is that a vulnerability?
Anything else that I’m missing?
- ESP32 and Bluetooth or BLE
- Android 10
- Blynk server (?)