DFU: Require bond to write to Buttonless DFU Service, but allow unbonded updates in bootloader

Hello.

I'd like to set up my Secure DFU bootloader so that bonding is required to activate the bootloader from a peer device (phone). But at the same time I'd like to make sure that there is a way to update the firmware even if the bond information is lost from the phone or the device itself, or even if the existing firmware is completely non-functional.

To do this I have the buttonless DFU bootloader configured to not require bonds, and the bootloader also activates on a button press. Normally firmware updates are initiated from a phone app, and the button acts as the backup. This all works, except that the buttonless DFU without bonds allows an unbonded peer to activate the bootloader. For doing anything else my device requires bonding, so allowing an unbonded device to do DFU is not ideal.

Basically I'd like to do what Einar Thorsrud suggests here. My question is how to best do that? Should I set NRF_DFU_BLE_BUTTONLESS_SUPPORTS_BONDS in the application, but not set the *_REQUIRES_BONDS in the bootloader? Would that work at all?

Or should I edit the hard-coded security parameters of ble_dfu_buttonless_char_add() in ble_dfu_unbonded.c? That would be easy but requires editing the SDK files, which I'd like to avoid.