Golioth has introduced a ton of of new capabilities for users who want to use Bluetooth to connect their products to the Cloud. I thought I’d give a quick rollup of where we are with Golioth Connectivity and Pouch, which are how we enable indirectly connected devices to talk to the Cloud.
We have been working on this capability for the past 2 years, and we launched ‘public beta’ back in August. This article will be a slice in time for the things we have done so far, so be sure to check out the above repositories for the latest in each area…or keep an eye on the blog for the latest Bluetooth news.
Currently available with Golioth Connectivity / Bluetooth
As of December 2025, we have a fully functional system that security transits Bluetooth packets between low power devices up to the Cloud and back again. This includes our streaming data feature (tied to Golioth Pipelines), the Golioth Settings Service, and Over-The-Air Firmware Updates. This allows our users to create fully featured demos and products, and many are already moving towards productization.
Chip support
Our current implementation is built on top of Zephyr and their popular Bluetooth support throughout the industry. That means we support a wide range of vendors, almost with no customization needed between them. We have shown support for many of the Bluetooth chip vendors in Zephyr
This is not all the device types that can utilize Golioth capabilities, but instead are the ones we have tested and continue to test.
Gateway Reference Implementation
In order for indirectly connected devices to talk back to the cloud, they need to transit through a trusted or semi-trusted gateway. We have built a reference implementation that does just that, supporting different connectivity methods to target price points and application spaces that match our customers’ needs. We offer precompiled binaries for our reference implementation for the following boards
- NXP’s FRDM-RW612 Ethernet/Wifi dev board (~$30)
- Nordic Semiconductor’s Thingy 91:x Cellular platform (~$99)
- Nordic Semiconductor’s nRF9160-DK Cellular dev board (~$129)
- Ezurio’s Sentrius MG100 Cellular product (~$150)
Secure by default
As in any Golioth endeavor, security is a first concern, not something left until the end of the development cycle. End-to-end encryption support is default and neither the gateway nor a bad actor with an SDR can peer in on the packets transiting through to the Cloud.
We’ve always required that traffic going to Golioth is encrypted, but the new requirement is that any device using Pouch must also utilize certificates (instead of PSKs). Using certificates ensures that Golioth is never in possession of private key material for the device, and supports provisioning fleets at scale. Certs are easier than ever on our platform, including a new client side tool to generate temporary device certs. We have also been doing education around how certs work. Future education will be around the private key never leaving the device, yet still having accessible sane platforms for manufacturing devices (since that’s the goal for all of us)
Over-The-Air (OTA) firmware update works out of the box
By far one of our most popular features, we made sure firmware update is baked in for our standard BLE_GATT demo in the Pouch repository. You can see it working in this video. For a more in-depth look, you can also see how we utilized the LED display on our demo board to showcase OTA working. The main takeaway is that your Bluetooth updates are already working as soon as you choose to use Golioth Connectivity.
Ready-made examples
In addition to the demos above, we have new Reference Designs that highlight real-world use cases. Our Digital Signage design shows how you can talk to smaller Bluetooth devices from a gateway and send out live commands to reconfigure devices in the field, especially over a short area. For people looking to use a single Bluetooth device with multiple gateways, we also show how we can roam between gateways, a key feature in asset tracking.
In the future we expect to see more demos revolving around asset tracking and mobile app + gateway combinations. Pouch already supports large payload upload/download, so you could reasonably expect to see more AI/ML examples coming down the pipe too.
Pattern matching for your next Bluetooth project
We’ve been thinking about how our customers start up new Bluetooth projects or look to update existing projects. Sure, we want to make sure we serve the broadest Bluetooth market, but we also want to make sure we are covering use cases our customers are encountering on a daily basis.
As mentioned above, we are thinking more about the mobile app in relation to Bluetooth and Cloud capable devices. Golioth Connectivity can live alongside other GATT profiles and enables cloud capabilities without another full cycle of development. Basically, “Add cloud management and reporting to your Bluetooth device”. This includes adding OTA to any Bluetooth product, which is unfortunately an afterthought in many product design cycles. If you’re not already discussing compliance with the EU’s new Cyber Resilience Act (CRA), you might want to start. Our platform helps to satisfy many of the requirements for the 2027 due dates.
Overall, Golioth cuts down on development requirements for Bluetooth applications. Fewer app developers are required to stand up a prototype, and the communication between app and device is clearer with Golioth Connectivity. Whether you’re a hardware/firmware team looking to do less on the app/cloud side or you’re a cloud team looking to quickly enable Bluetooth applications with remote control and secure updates, we have something for everyone.
What’s coming in 2026
We already have changes in our internal testing setup and we are validating them in an on-going basis. Here are some of the high level changes you can expect in the new year:
- Performance improvements – A new transport protocol between devices and gateways, resulting in significant increases in transfer speeds without adjusting Bluetooth radio parameters that impact power.
- Better customization – Pouch has a specific way of advertising and syncing, but future improvements will allow choosing which devices to sync, when to sync them, and when to disconnect from them. This will drive better bandwidth utilization for large networks and more efficient operations.
- Gateways everywhere – Pouch protocol and the ability to shuttle packets up to the Cloud already is working on the embedded hardware listed above. This code can also be shrunk down to fit in other form factors than standalone gateways. We’ll show how to put gateway functionality into more devices, for better connectivity of all devices.
- More hardware – As more chip vendors join the Zephyr ecosystem, our hardware choices become more bountiful. We will continue testing for different hardware options and sharing about any required changes to the underlying firmware to make it work with Golioth.
- Improved transport-level security – We already offer/require end-to-end encryption from the device to the cloud. In the new year, we’ll also enable Bluetooth pairing to encrypt and optionally authenticate communication between devices and gateways. Security is a first principle at Golioth.
Imagine: these are just the things we’re willing to tell you about! Many more are planned for the new year and are already in early-concept phases. If you have any suggestions, drop them on the Golioth Forums or let our devrel team know if you need any help getting started today.
No comments yet! Start the discussion at forum.golioth.io