Skip to content(if available)orjump to list(if available)

Buttplug MCP

Buttplug MCP

145 comments

·May 30, 2025
Visit

stevesimmons

A few prior HN discussions on the Buttplug standard, including the inevitable "in Rust":

* Buttplug: An open-source software suite for teledildonics (https://buttplug.io/) 5 years ago | 249 comments

* Empathy for the user having sex with your software (https://docs.buttplug.io/docs/dev-guide/intro/buttplug-ethic...) 10 months ago | 127 comments

* T-code – A protocol for implementing UART serial communications to an adult toy (https://stpihkal.docs.buttplug.io/protocols/tcode.html) 2 years ago | 74 comments

* An open-source standards and software project for intimate hardware (maybe NSFW) (https://buttplug.io/) 7 years ago | 39 comments

* Buttplug Sex Toy Control Project Implemented in Rust (https://buttplug.io/) 2 years ago | 3 comments

oliwarner

Teledildonics is just an amazing word. Really makes me want to contribute to BO.io to pad out my CV.

Then again, it might raise uncomfortable questions about the pen testing I have on there. Something something something backdoor.

TeMPOraL

So many ideas and industry terms get much more interesting when applied in this area.

Penetration testing (especially with red and blue teams). Agile. Continuous delivery. "Move fast and break things". Application firewall. Protection at rest. Injection attacks. Man in the middle. Load balancing. And so on.

There's one phrase I'm too fond of, that I thought of the other day:

Enterprise Teledildonics

Someone please make it become a thing.

walthamstow

It may be UK or even London-specific but 'exponential backoff' is a great phrase in our lexicon.

'Packet sniffing', while not sexual, is also something a lot of men in Britain do.

intrasight

And of course the precursor to all inappropriate technical computer terms: finger

>Someone please make it become a thing

Why stop there? How about "Global Teledildonics". I think the world would be a better place with that.

semi-extrinsic

Edge computing. Deep learning. Uncertainty quantification. Attention head. Sparse probing. Queue managment. Consensus algorithm. Parallell I/O.

Centigonal

If you do enough enterprise teledildonics, you may end up with an excess of Splunk.

chneu

A/B testing my teledildonics.

null

[deleted]

GloomyBoots

Pretty sure in this niche a MITM is called a Lucky Pierre.

donjoe

Let's hope it's deepseek-compatible.

pcthrowaway

If you can demonstrate a novel pathway to inserting large payloads into unsuspecting backends, you may be a good candidate for government jobs.

oliwarner

No one distributes their package like me.

wantoncl

FizzBuzz will become an especially relevant interview question.

ssousa666

my intuition tells me that this problem is best solved using DP

palmfacehn

https://en.wikipedia.org/wiki/Back_Orifice

ThatMedicIsASpy

Feel free to do so. As I have started to play with one (Edge 2) this week and the device control part of the documentation is basically empty.

fer

Something something code injection.

rgoulter

Related:

* Deldo is a sex toy control and teledildonics mode for Emacs (github.com/qdot) (2021) https://news.ycombinator.com/item?id=29207607 | 126 comments

neomantra

That is also by qDot [1], the Buttplug.io author. When I just looked at their GitHub today, I realized I used their libs in other projects over the years (OpenKinect and libnifalcon). They share lots of great work!

[1] https://github.com/qdot

qdot76367

Awww shucks, thanks :D

DonHopkins

I am now having second thoughts about having named my cat Emacs!

wiml

Is this the "vibe coding" I keep hearing about?

edelans

From their front page on buttplug.io :

« We were vibe coding before it was cool. »

><

robingchan

I do wonder what UAT looks like for such a project

engmarketer

pretty sure OP has put in some thought into this. you've got to really dig into the hardware specs for this

cranberryturkey

https://github.com/profullstack/mcp-server was vibe coded

Perz1val

I've seen APIs for controlling those toys already a few times and it always surprises me that they're quite open. It's a thing I'd expect each device to come with a proprietary locked down app and nobody complaining about it publically, because that'd look.bad on them. Anyone can tell me why is that different? Is it because huge corporations are staying away from the market, thus they couldn't have ruined it?

Kwpolska

AFAIK, those APIs aren't publicly described by the vendors, they were reverse engineered by the community. Also, the toys themselves are Bluetooth-based, so pairing and proximity are enough for security.

devjab

I'm not English and I'm not sure what you would call electronic devices in your house, but very few of the ones you'd find in a typical Danish household which are locked down particularily well. It tends to be fairly easy to "hack" anything which has a computer in it, whether that is your Microwave, your electrical toothbrush, your router, your e-bike or something similar. What sets sex-toys appart is probably the amount of effort people are willing to put into hacking them. I'm guessing here, but I imagine you'd find a lot more people wanting to hack their sex-toys compared to people wanting to hack their Microwave.

Until I saw this post, I thought the e-bike community was the largest "hacker" community in regards to tampering with your electronics, but I imagine it too is dwarfed by sextoy hackers. Anyway, here in Europe there are a lot of hacks for e-bike computers. Part of this is because many people want to increase the software restraints on speed limits. Which is illegal, and, at least in larger Danish cities also very likely to get caught. Many people do it for statistics though, my e-bike computer as an example resets my "current" milage every 500km and then store the total in another place (something which gets reset everytime it's in the shop). It also didn't have a clock option for any of it's standard screens. My primary reason for hacking it was getting a clock on the display, but I now also back-up my milage + I have some added statistics for fun. When it needs to go into the store, I re-flash it to the factory settings or whatever you'd call it. I'm by no means a device hacker, but it wasn't hard to search engine my brand and find the tools I needed to do what I wanted.

Anyway, I don't think there is a lot of "secuirty" in any of our daily devices. Maybe it's because I'm European and a lot of people wouldn't want the NSA watching in through a Google Camera, and therefor buy non-major-tech-company brand stuff, but even things from large brands like Bosch are very hackable. Again, I'm not a device hacker as such, but isn't everything rather hackable once you have the hardware?

yard2010

How would you get caught for opening a speed restrictions and what are the consequences?

Grayskull

My guess is, it has to do with cam streamers and ability for people to develop extensions for streaming platforms for their devices. Lovesense, for example, became shorthand for "toy controlled by chat" on streaming sites.

koolba

> I've seen APIs for controlling those toys already a few times and it always surprises me that they're quite open.

Not really. People in the space are to used bending over backwards to please their customers.

jijijijij

Pretty sure that's because those toy companies are using cheapest off-the-shelf chips and most basic protocols, because, well, it's cheaper. Likely a lot of rebranded, "open" Chinese toys anyway. That and a neglect for reliability and security probably makes reverse engineering rather straight forward.

Assumption based on connectivity experience, since the Bluetooth connection is usually rather unreliable and weird, and obviously not as well engineered as even cheap Bluetooth in-ear headphones, or game controlers. Ironically very susceptible to being blocked by body parts (which means vibe no more). Seems, like it's some dead simple serial transmission, which isn't fault tolerant at all. Those controllers are not bothering with any buffering, or much any computation at all really. Seems like they just straight stream signals to the motors.

tecleandor

As @Kwpolska says, mostly they have reverse engineered Bluetooth protocols. I'm on my work computer (that's fiercely monitored) so can't give you much links right now, but Buttplug site has information about all the messages and protocols. And some of them are quite a mess.

Some of them, like Lovense, have said they had intention to publish APIs, but they just have some empty repositories in Github. (Lovense is a weird company, everything points to just one or two persons in [IIRC] Taiwan. They're very opaque.)

And some have been fishy too. There have been class actions against brands like Hytto / Lush [0] or We-Vibe [1]

--

0: https://www.courthousenews.com/judge-forwards-class-action-s... 1: https://topclassactions.com/lawsuit-settlements/lawsuit-news...

lofaszvanitt

Of course these tools are open, otherwise how would you interface with them?

randunel

> Buttplug is an open-source standards and software project for controlling intimate hardware, including sex toys, fucking machines, and more.

> Intimate Haptics Control Standard and Library

From https://buttplug.io/. You get better explanations here https://buttplug-spec.docs.buttplug.io/docs/spec

agys

The .io top level domain is a perfect choice.

ngruhn

oh my god, you're right xD

qdot76367

Woah! Hi!

I'm qDot, creator and project lead of https://buttplug.io!

We're already well off the front page but feel free to AMA. :)

bennett_dev

This plus ChatGPT scheduled tasks could make an interesting alarm clock

hypercube33

Looks like it has home assistant integration so you can have alerts when you forget your garage door open

sebstefan

Keeping this in my bookmarks for the inevitable moment someone says big tech can shove unwanted AI features up their ass.

neomantra

Author here. What a Happy Friday to see this now, as I created it on April Fool's Day. I annually do silly personal projects on that day. That week I happened to be playing with MCP servers and thought it would be funny. ConAcademy is where I put weird ideas and implementations.

I will state that this specific MCP Server is pretty useless and certainly not how one would want sexual interaction, I try to indicate this in the README. But, a beginning has to start somewhere and good-giving-game is how we roll so it's on GitHub.

[Ironically two years before, my project was Buttplug-integration in a Charm-powered SSH chatroom with BubbleTea TUI. That navigated aspects of digital consent via SSH keys, making an anonymous graph of what entities could do what to other entities' devices. I think some of that is needed in an Agent-Controlled MCP future.]

I'm not the Buttplug.io maintainer, but did chat with them about this for a while on Discord. While I have your eyeballs, they are looking for additional maintainers for their project if any Rustaceans are interested. This MCP server is written in Golang but would be better in the Buttplug ecosystem if it was Rust.

My early career was in haptics research and I have several patents in it via Immersion. My master's thesis was writing a 3D haptic renderer and integrating haptics into VRML, if you remember that! I have worked on NIH grants for Sexual Dysfunction diagnostic devices and created homemade toys. Now that I just received my Neurable EEG headset, I am working on Biaerolar Beats research [1].

On the topic of vibe coding, yes I vibrated my LELO F1 with this, but this project was truly a hand job. I did try to vibe code `a2a4a2a` (A2A protocol for A2A fun) a few weeks ago, with both Claude and Gemini, but A2A protocol was too new and it was too hard for me to teach it A2A. I'd be interested in seeing how people handle this in general.

All in all, it was fun and I learned a lot about tool-calling LLMs. That week I made three MCP servers (thanks `mark3labs/mcp-go`), one for money [2], this one for sex [3], and one for drugs [4].

Although I haven't followed up on that last AgentDank [4] yet, it's probably the coolest in terms of open data and actual AI results -- just watch the video there. Bringing custom data plus SQL endpoint to a tool-calling LLM is ridiculously powerful.

[1] https://github.com/ConAcademy/biareolar-beats [2] https://github.com/NimbleMarkets/dbn-go/blob/main/cmd/dbn-go... [3] https://github.com/ConAcademy/buttplug-mcp [4] https://github.com/AgentDank/dank-mcp

souldeux

> certainly not how one would want sexual interaction

speak for yourself

amelius

Curious how people here see the privacy implications of the various services out there. I suppose it was simpler in the old days where you could just buy a product and have no relationship whatsoever with the vendor and so nobody watching over your shoulder (as is the case with VR goggles nowadays and many other types of services).

comrade1234

Is there an llm that can dirty-talk? Would be amusing to tie the two together.

npteljes

Hosted services tend to use censorship, but the way they did the censorship originally can be reverted to a high degree in the model, with "abliteration". Then, if you have access of such a model, that can surely dirty-talk. Or so I have heard.

https://ollama.com/search?q=abliterated

Perz1val

I'd assume the protocol was made after somebody made an LLM tell them their fantasies and wanted to enhance the experience

null

[deleted]

samuel

There are fine tunes for that, sure.

nickthegreek

meta's bots were dirty talkin to kids a week ago.

imafish

Grok Sexy Mode? :)

tankenmate

When Vibe Coding meets Headcrash (Bethke)[0]

[0] https://en.wikipedia.org/wiki/Headcrash