Espressif's SDK for Matter Choose target... Choose version... 1. Introduction 2. Developing with the SDK 3. Matter Controller 4. Matter Certification 5. Production Considerations 6. Security Considerations 7. RAM and Flash Optimizations 8. API Reference 9. Integration with esp-insights 10. Application User Guide 11. Copyrights and Licenses Appendix FAQs Espressif's SDK for Matter Programming Guide Edit on GitHub Programming Guide Matter is a unified IP-based connectivity protocol that is designed to connect and build open, reliable and secure IoT ecosystems. This new technology and connectivity standard enables communication among a wide range of smart devices. Matter supports IP connectivity over Wi-Fi, Thread and Ethernet. Espressif’s SDK for Matter is the official Matter development framework for Espressif’s ESP32 series SoCs. We have put together a series of blog posts that introduces various aspects of Matter. We recommend that you go through this Espressif Matter Blog. Table of Contents 1. Introduction 1.1. Espressif Matter Solutions 1.2. Try it yourself 1.3. 3. Try Data Model Validator 2. Developing with the SDK 2.1. ESP-IDF Setup 2.2. ESP Matter Setup 2.3. Commissioning and Control 2.4. Device console 2.5. Developing your Product 2.6. Factory Data Providers 2.7. Using esp_secure_cert partition 2.8. Matter OTA 2.9. Mode Select 2.10. Custom Cluster 3. Matter Controller 3.1. Controller features 3.2. Commissioner features 3.3. Production Considerations 4. Matter Certification 4.1. Firmware Development 4.2. Preparation of Files Required for Certification Testing 4.3. Testing Environment Setup and Testing Methods 4.4. Submitting Certification Application Online 4.5. Filling in Certified Product Information on DCL Website 4.6. Other notes for some certification test cases 4.7. FW/SDK configuration notes 5. Production Considerations 5.1. Prerequisites 5.2. Over-the-Air (OTA) Updates 5.3. Manufacturing 6. Security Considerations 6.1. Overview 6.2. Platform Security 6.3. Product Security 6.4. More Security Considerations 6.5. Security Policy 7. RAM and Flash Optimizations 7.1. Overview 7.2. Configurations 7.3. References for further optimizations 8. API Reference 8.1. Data Model 8.2. Generated Data Model 8.3. Endpoint/Device Type 8.4. Cluster 8.5. Attribute 8.6. Command 8.7. Core Low Level 8.8. Event 8.9. Client 9. Integration with esp-insights 10. Application User Guide 10.1. Delegate Implementation 11. Copyrights and Licenses 11.1. Software Copyrights Appendix FAQs Next © Copyright 2022 - 2026, Espressif Systems (Shanghai) Co., Ltd. Built with Sphinx using a theme based on Read the Docs Sphinx Theme. Download PDF Espressif's SDK for Matter Choose target... Choose version... 1. Introduction 2. Developing with the SDK 3. Matter Controller 4. Matter Certification 5. Production Considerations 6. Security Considerations 6.1. Overview 6.2. Platform Security 6.2.1. Secure Boot 6.2.2. Flash Encryption 6.3. Product Security 6.3.1. Secure Storage 6.3.2. Device Identity 6.4. More Security Considerations 6.5. Security Policy 6.5.1. Advisories 6.5.2. Software Updates 7. RAM and Flash Optimizations 8. API Reference 9. Integration with esp-insights 10. Application User Guide 11. Copyrights and Licenses Appendix FAQs Espressif's SDK for Matter 6. Security Considerations Edit on GitHub 6. Security Considerations 6.1. Overview This guide provides an overview of the overall security features that should be considered while designing the products with Matter framework on ESP32 SoCs. High level security goals are as follows: Preventing untrustworthy code from being executed Securing device identity (e.g., Matter DAC Private Key) Secure storage for confidential data 6.2. Platform Security 6.2.1. Secure Boot The Secure Boot feature ensures that only authenticated software can execute on the device. The Secure Boot process forms a chain of trust by verifying all mutable software entities involved in the boot-up process. Signature verification happens during both boot-up as well as in OTA updates. Please refer to Secure Boot V2 guide for detailed documentation about this feature in ESP32-P4. 6.2.2. Flash Encryption The Flash Encryption feature helps to encrypt the contents on the off-chip flash memory and thus provides the confidentiality aspect to the software or data stored in the flash memory. Please refer to Flash Encryption guide for detailed documentation about this feature in ESP32-P4. 6.3. Product Security 6.3.1. Secure Storage Secure storage refers to the application-specific data that can be stored in a secure manner on the device, i.e., off-chip flash memory. This is typically a read-write flash partition and holds device specific configuration data, e.g., Wi-Fi credentials. ESP-IDF provides the NVS (Non-volatile Storage) management component which allows encrypted data partitions. This feature is tied with the platform flash encryption feature described earlier. Please refer to the NVS Encryption for detailed documentation on the working and instructions to enable this feature in ESP32-P4. 6.3.2. Device Identity Matter specification requires a unique Device Attestation Key (DAC) per device. This is a private ECDSA (secp256r1 curve) key that establishes the device identity to the Matter Ecosystem. DAC private needs to be protected from remote as well as physical attacks in the best possible way. Recommended ways for DAC private key protection: ESP32-P4 supports HMAC peripheral with the HMAC key (software read protected) programmed in the eFuse. This peripheral can be used as a hash function (HMAC-SHA256) for PBKDF2 or similar key derivation function. And thus the DAC private key can be computed at run time using this mechanism. Note Please note that the Secure Boot must be enabled with this scheme to protect against the untrusted software execution. DAC private key can be protected using Flash Encryption or Secure Storage schemes. Important Support for DAC private key protection mechanisms described above is available in the Matter crypto port layer for ESP32 platform. Note Espressif provides pre-provisioning service to build Matter-Compatible devices. This service also ensures the security of the DAC private key and configuration data. Please contact Espressif Sales for more information. 6.4. More Security Considerations Please refer to the overall ESP-IDF Security Guide for more considerations related to the debug interfaces, network, transport and OTA updates related security. 6.5. Security Policy The ESP-Matter GitHub repository has attached Security Policy Brief. 6.5.1. Advisories Espressif publishes critical Security Advisories, which includes security advisories regarding both hardware and software. The specific advisories of the ESP-Matter software components shall be published through the GitHub repository. 6.5.2. Software Updates Critical security issues in the ESP-Matter components, ESP-IDF components and dependent third-party libraries are fixed as and when we find them or when they are reported to us. Gradually, we make the fixes available in all applicable release branches in ESP-Matter. Important We recommend periodically updating to the latest bugfix version of the ESP-Matter release to have all critical security fixes available. Previous Next © Copyright 2022 - 2026, Espressif Systems (Shanghai) Co., Ltd. Built with Sphinx using a theme based on Read the Docs Sphinx Theme. Download PDF Espressif's SDK for Matter Choose target... Choose version... 1. Introduction 2. Developing with the SDK 3. Matter Controller 4. Matter Certification 5. Production Considerations 6. Security Considerations 7. RAM and Flash Optimizations 8. API Reference 9. Integration with esp-insights 10. Application User Guide 10.1. Delegate Implementation 10.1.1. Account Login Cluster 10.1.2. Actions Cluster 10.1.3. Application Basic Cluster 10.1.4. Application Launcher Cluster 10.1.5. Audio Output Cluster 10.1.6. Boolean State Configuration Cluster 10.1.7. Camera AV Settings User Level Management Cluster 10.1.8. Channel Cluster 10.1.9. Chime Cluster 10.1.10. Closure Control Cluster 10.1.11. Closure Dimension Cluster 10.1.12. Commissioner Control Cluster 10.1.13. Commodity Price Cluster 10.1.14. Commodity Tariff Cluster 10.1.15. Content App Observer Cluster 10.1.16. Content Control Cluster 10.1.17. Content Launcher Cluster 10.1.18. Device Energy Management Cluster 10.1.19. Dishwasher Alarm Cluster 10.1.20. Door Lock Cluster 10.1.21. Electrical Grid Conditions Cluster 10.1.22. Electrical Power Measurement Cluster 10.1.23. Energy Evse Cluster 10.1.24. Energy Preference Cluster 10.1.25. Fan Control Cluster 10.1.26. Keypad Input Cluster 10.1.27. Laundry Dryer Controls Cluster 10.1.28. Laundry Washer Controls Cluster 10.1.29. Low Power Cluster 10.1.30. Media Input Cluster 10.1.31. Media Playback Cluster 10.1.32. Messages Cluster 10.1.33. Microwave Oven Control Cluster 10.1.34. Mode Base Cluster 10.1.35. Mode Select Cluster 10.1.36. Operational State Cluster 10.1.37. Power Topology Cluster 10.1.38. Push AV Stream Transport Cluster 10.1.39. Resource Monitoring Cluster 10.1.40. Service Area Cluster 10.1.41. Target Navigator Cluster 10.1.42. Thermostat Cluster 10.1.43. Time Synchronization Cluster 10.1.44. Valve Configuration And Control Cluster 10.1.45. Wake On LAN Cluster 10.1.46. Water Heater Management Cluster 10.1.47. WebRTC Transport Provider Cluster 10.1.48. Window Covering Cluster 11. Copyrights and Licenses Appendix FAQs Espressif's SDK for Matter 10. Application User Guide Edit on GitHub 10. Application User Guide 10.1. Delegate Implementation As per the implementation in the connectedhomeip repository, some of the clusters require an application defined delegate to consume specific data and actions. In order to provide this flexibity to the application, esp-matter facilitates delegate initialization callbacks in the cluster create API. It is expected that application will define it’s data and actions in the form of delegate-impl c