A $7 Ring, a Reverse-Engineered Protocol, and Why This Is How It Should Work

Someone reverse engineered the Bluetooth protocol of a $7 smart ring from Temu, built their own iOS app from scratch, and open sourced the whole thing. The app keeps your health data local, has an optional AI coach, and costs nothing beyond whatever you spend on API keys. I’ve been thinking about this for a couple of days now and I can’t quite let it go.

The backstory is worth understanding. The person who built it started by looking at the Google Fitbit Air, which wraps an LLM around your health data and gives you daily briefs and a conversational coach. The concept is genuinely good. The execution involves paying $100 upfront, then $10 a month, and handing Google a continuous stream of your heart rate, sleep cycles, and whatever else the band picks up. Whoop is worse: up to $360 a year, and your biometric data sitting on their servers indefinitely. There’s no world in which that ends well. Health insurers are already creative enough without being handed a granular record of your cardiovascular fitness.

So they bought a $7 ring instead, sniffed the BLE packets with a dongle, worked out the protocol manually, and built PulseLoop. Two weeks of work. The result: an open source iOS app, everything stored locally with SwiftData, live workout tracking with GPS and heart rate zones, and an AI coach that’s genuinely grounded in your actual numbers rather than vibes. The LLM component is optional, uses your own API keys, and most providers don’t train on API call data. If you just want charts, you get charts.

The accuracy question came up in the comments and the answer was more reassuring than I expected. Comparing the ring against an Apple Watch and a Fitbit Air over two weeks, the variance on steps, heart rate, and sleep was small: within about 5 beats per minute and 10 minutes. Second-order stuff like calories is harder to pin down, which is true of every wearable. The $7 ring is not magic. But it’s not garbage either.

What struck me most wasn’t the technical achievement, impressive as it is. It was the instinct behind it. The commercial health wearable industry has quietly decided that your biometric data is part of their business model, and the subscription is just the part they’re honest about. Building your own tooling to opt out of that is exactly the right response. It’s the same logic behind self-hosting your own services: not because you’re paranoid, but because you’ve read enough terms of service to understand the incentives.

There’s a real tension I’m sitting with, though. The LLM component is what makes the app compelling beyond basic data logging, and running an LLM means sending data somewhere, even with the privacy-preserving API arrangements. On-device LLMs are apparently in progress, which would close that gap. Until then it’s a trade-off you have to make consciously, which is at least more than the commercial alternatives offer.

The safety question is also fair. A lithium battery in a $7 ring is not subject to the same QA process as something from a reputable manufacturer. Someone in the comments mentioned a degloving incident involving a ring battery failure and I’m not going to pretend that’s not a real category of risk. You’re making a calculated bet. Most cheap consumer electronics don’t explode. Some do.

The broader thing here is what happens when someone with the right skills decides that the existing market isn’t serving them and just builds what they actually want. The commercial fitness wearable space has been remarkably resistant to competition from below because the software and data integration is hard. A project like this doesn’t solve that problem for everyone. But it demonstrates that it’s solvable, which matters.

Android support is being worked on through community forks. More ring hardware support is coming. Someone in the comments suggested setting up a group buy with the AliExpress supplier so people can get a guaranteed-compatible ring without the Temu lottery, which is a genuinely good idea.

I don’t know if PulseLoop will still be actively maintained in two years. Open source health projects have a mixed track record. But the code is there, the protocol documentation is there, and someone did the hard work of figuring it all out. That’s worth something regardless of what happens next.