GR-LoRa is a Reverse-Engineered Open Source Implementation of LoRa PHY

Orange Pi Development Boards

LPWAN standards such as LoRa or Sigfox allow you to transmit data over long distance, at ultra low power (up to 10 years on a AA battery), and for free if your use your own network (P2P or gateway), or a few dollars per years if you go through a network provider. The low cost is possible since those standards rely on 900 MHz ISM bands, meaning nobody has to pay millions of dollars to the government to obtain a license fee. Matt Knight looked at LoRa, and while Level 2 and 3 of the protocol (LoRaWan) has public documentation, Level 1 (LoRa PHY) is proprietary and the standard is proprietary.

microchip-rm2903-ettus-b210-sdrSo he decided to reverse-engineer LoRa PHY using Microchip RN2903 based LoRa Technology Mote and Ettus B210 USB software defined radio, and software packages and tools such as Python and GNU Radio to successfully deliver GR-LoRa open source “GNU Radio OOT module implementing the LoRa PHY”.  He presented his work at GNU Radio Conference 2016 on September 15, and the video is worth a watch. He first explains why LPWAN IoT standards are awesome, the motivation about reverse-engineering work (mostly security), the hurdle (e.g. lies in documentation), the results, and work to be done.

You’ll find the presentation and the research paper on Github.

Thanks to Emanuele for the tip.

Support CNX Software - Donate via PayPal or become a Patron on Patreon

Leave a Reply

8 Comment threads
0 Thread replies
Most reacted comment
Hottest comment thread
5 Comment authors
Ted MyersJMzoobabcnxsoft Recent comment authors
newest oldest most voted
Notify of

Would it run on an RTL-SDR? Where I live, there is a LORAWAN network, and the 3 basestations covering the whole city are in receive only. They are based on some Semtek chip, which is different from the client since it listens on different channels at the same time. Would it be possible to redo that base station with 3 rtl-sdrs?


In theory you could, but you’d have to do a lot of work on the current implementation as it only supports one spreading factor (SF8) and CR 4/8.

It would also be intensive to decode in software the 8 channels like the Semtech chip does (their chip is a FPGA)

Considering a genuine LoRaWAN gateway can be had for about $150 I’m not sure this will be a priority anytime soon.


Isn’t it amazing how protocols that aren’t available on the market are always better?


Just curious where are you guys able to access narrow band spectrum? In the USA in NEW York state and city local government has reign and it’s limited to police and emergency use. Actually you DO need licensure from local government to access. Grrhh. USA the land of the brave but not so free.

Ted Myers