Self-Hosted*

I spent the weekend trying to add one smart lock to my home. Not a complicated setup. Not a corporate deployment. Just one battery-powered Matter lock, one open-source smart home hub I already own, and one open standard that the whole industry has been hyping for two years. It should have taken twenty minutes.

It took multiple hours and three phones.

If you care about running your own smart home without handing the keys to a cloud vendor, this is a story worth reading before you buy your first Matter device. Because the thing nobody tells you in the marketing is that "self-hosted" has a very specific meaning these days. It means the server is on your hardware. Not the bootstrap process. Not the phone you use to set things up. Not the commissioning layer that decides whether your device can even join the network in the first place.

Where I Started

I run my smart home on Home Assistant. It lives on a server in my house. It controls lights, plugs, and a couple dozen other devices through the Zigbee protocol, and the entire thing works without ever calling home to a cloud I don't own. That was a deliberate choice. I didn't want a smart home that broke when Amazon's servers had a bad day, and I didn't want every motion sensor event logged to a third-party analytics pipeline.

When I decided to add a smart lock, I went looking for one that worked over Matter — the newish "works with everything" standard that the big smart home companies started shipping a couple of years ago. Matter is, on paper, exactly what a privacy-minded person should want:

• It's an open protocol

• It runs locally, on your network, without touching a cloud

• It doesn't require a specific vendor's hub — any Matter hub can control any Matter device

• The open-source smart home community spent a lot of energy welcoming it

I already had the hub. I bought a Matter-over-Thread smart lock. I set up the radio that would let my server talk to Thread devices directly. On the hardware and software side, I was fully self-hosted. Every piece of the stack was under my roof, running open-source code, using published protocols. No cloud dependency anywhere.

Then I tried to commission the lock.

The First Wall: Commissioning Needs Bluetooth

Here's a detail that doesn't make it into the Matter pitch decks. Before a Matter device can join your network, someone has to tell it which network to join, and how to authenticate onto it. That handshake happens over Bluetooth Low Energy, because a brand-new device out of the box has no other way to talk to anything yet. Bluetooth is used once, for about thirty seconds, and then never again. But those thirty seconds are the whole ball game. If that handshake doesn't happen, the device never joins the network and it's a paperweight.

There are two ways to handle the Bluetooth side. Your hub can have its own Bluetooth radio and do the handshake itself, directly from its web interface. Or you can use your phone's Bluetooth, running the smart home hub's companion app, which proxies the handshake to your hub over local Wi-Fi. Most home setups end up on the second path, because most hub hardware doesn't come with Bluetooth built in. I was no exception.

So: phone it is. Easy, right? I opened the companion app on my daily phone, tapped "Add Matter device," and got told that Matter wasn't available on this device.

The Second Wall: The Android Gatekeeper

Here is the part that took me a while to figure out.

My daily phone runs a de-Googled version of Android. I chose it for the usual reasons — I'd rather not have a phone that reports my location, my app usage, and my search history to an advertising company twenty-four hours a day. It runs regular Android apps. It connects to the internet. It does nearly everything a normal phone does. The one thing it does not have is Google Play Services, the layer of Google software that sits between apps and the operating system on most Android phones.

And it turns out that on Android, the entire Matter commissioning API lives inside Google Play Services. There is no Matter API at the operating system level. There is no open-source Matter commissioner you can sideload. If your phone doesn't have Google's proprietary software running on it, it cannot commission Matter devices. Not because it lacks the Bluetooth radio. Not because the protocol isn't supported. Because Google made it so.

Lets say it again for the people in the back. The protocol is open. The lock is standards-compliant. My hub is open-source. My server is on my own hardware. My phone has a Bluetooth radio that works perfectly well for every other purpose. And yet the only way to get these two devices to shake hands on Android is to install Google's tracking layer on my phone, because Google made themselves the mandatory middleman.

I spent a while looking for a workaround. There isn't one. Not in 2026. Not today. Every open-source privacy-focused Android distribution I checked confirmed the same thing: Matter commissioning does not work without Google Play Services. Period.

The Third Wall: Full-Google Android Still Failed

I figured: fine. I'll borrow a normal Android phone with Google Play Services installed, use it for the five minutes I need to commission this lock, and return it. Annoying but finite.

I borrowed a stock Android phone. Installed the companion app. Scanned the QR code on the lock. Tapped commission. Waited. Got an error: "failed to generate credentials."

I tried again. Same error. I checked the logs on my smart home server — the server that was supposedly being handed this commissioning request — and there was nothing in them. No incoming traffic. No attempted handshake. No error on my end. The failure was happening entirely on the phone, inside Google's software, before any network request ever reached my hub.

It turns out that even a full-Google Android phone isn't always sufficient. The Matter commissioning flow on Android depends on Google Home being installed and signed in, so that Google's commissioner has a "fabric" account context to operate inside. The phone I used didn't have Google Home set up. The error message didn't mention this. It didn't mention anything useful. It just said "failed to generate credentials" and stopped.

So now, to commission a lock to a self-hosted, non-Google smart home, I needed to install Google Home on a phone and sign into a Google account, just to get past Google's commissioning gate, just to tell my lock how to talk to my server. At which point we have wandered so far away from "self-hosted" that the word no longer means anything.

What Finally Worked

I borrowed an iPhone.

Installed the companion app. Signed into my local smart home server, which is all the iPhone needed to know about. Scanned the QR code on the lock. Tapped commission.

It took about ten seconds. No error. No account. No cloud service. No "generating credentials" failure. Just: commissioned. The lock joined my network, reported its status, and was controllable from my hub before I even had time to close the app.

Why? Because Apple built Matter commissioning directly into iOS at the operating system level. It does not go through iCloud. It does not require signing into Apple services. It does not require a HomeKit account. It is simply a capability that the operating system provides to any app that asks for it, the way GPS or the camera are. Any third-party smart home app can use it. And it just works.

I had spent an hour or more trying to add one device to my own smart home, running on my own server, in my own house, using an open protocol designed by an industry consortium. I had tried three phones. The only phone that worked was the one made by the company that has its own cloud empire and its own walled garden. The reward for running the most open hardware and software stack I could assemble was that I had to pick up an iPhone to finish the install.

"Self-Hosted" Has an Asterisk Now

If you take away one thing from this story, take this: open standards can still be captured at the implementation layer.

Matter the protocol is real and open. You can read the specification. Anyone can build a Matter device. Anyone can build a Matter hub. The packets on the wire are the same regardless of vendor. That's a genuine achievement and the people who worked on it deserve credit for it.

But between "the protocol is open" and "you can actually use this with your own server without involving a cloud account," there is a provisioning layer that nobody talks about. That layer — the commissioning software that runs on the phone in your hand when you press the pairing button — is not open on Android. On Android, it lives in closed-source Google Play Services and requires a signed-in Google account to work reliably. On iOS, it lives in closed-source Apple frameworks. There is no third option today. There is no de-Googled Android path. There is no Linux phone path. There is no standalone commissioner app in a privacy-respecting app store.

This is how you can own every piece of an open standards stack and still need to borrow hardware from one of two Big Tech companies to bootstrap it. "Self-hosted" used to mean the server was on your hardware and nothing happened without your say-so. It increasingly means only the first half of that sentence.

I don't think this is a conspiracy. I think it's a consequence. Matter was designed by a consortium that included Apple and Google, and both of those companies shipped Matter through the parts of their operating systems they already controlled, which happen to be the parts nobody else can replace. The standard is open on the wire because that was the whole point of the standard. The commissioning is gated because nobody thought to make it a separate goal. Now we're stuck with the result.

What You Can Actually Do

Here's what I wish somebody had told me before I started down this path. Taking these in rough order of how much effort they require:

Before you buy any Matter device, ask whether your phone can commission it. If you run a recent iPhone with stock iOS, you're fine. If you run a stock Android phone with Google Play Services and you have the Google Home app installed and signed into a Google account, you're mostly fine. If you run a de-Googled Android phone, you have a LOT of hoops to jump through. Budget accordingly before you spend money on hardware.

If you want to stay de-Googled and still run Matter, plan for a USB Bluetooth dongle on your hub. Ten dollars gets you a small adapter that plugs into your smart home server and gives it its own Bluetooth radio. After that, you can commission Matter devices directly from the hub's web interface with no phone involved at all. This is the cleanest answer. The catch is that your hub has to be physically close enough to the device you're installing, because Bluetooth's range is measured in feet and walls eat signal fast. If your hub is in a closet and your front door is on the other side of the house, you're back to the phone problem (unless you bench-test the device next to the hub first, then physically relocate it after commissioning). That trick works, because Matter-over-Thread devices keep their network credentials in memory when you unplug them.

Accept that one iPhone in the household is a reasonable compromise. Even if you live fully de-Googled day to day, owning an old iPhone that lives in a drawer and comes out once a year to pair a new device is a finite tradeoff. It is not an ongoing privacy loss the way signing into Google Home every day would be. Pick your battles.

Don't accept "just install Google Home" as a privacy answer. It isn't one. It trades a one-time commissioning problem for an ongoing ambient tracking arrangement. A one-time borrow-an-iPhone beats a daily-feed-Google by a wide margin. A separate factor that plays into this decision is segmentation; as much as possible, keep any one "walled garden" from knowing everything about you.

If you're already deep in a privacy-focused smart home setup, know that we are still doing important work. The standard failed you here, not your setup. The standard has an undocumented dependency on two companies' software stacks at the most critical moment. That's worth saying out loud because otherwise it feels like the problem is something you missed.

The Bottom Line

Matter was pitched as the thing that would finally let regular people build a cloud-free smart home. In the specific and important sense of "your lock will still work if Google's servers go down," it delivers on that promise. A commissioned Matter device talks to my server, not to Google or Apple, and it keeps working forever regardless of what either of those companies decides to do.

In the broader sense of "you can build a smart home without any involvement from Big Tech," it does not deliver. The current implementation quietly requires one moment of Big Tech involvement at the beginning of every device's life, and there is no workaround that doesn't involve either buying a different phone or bolting a Bluetooth dongle onto your hub. For many people, that's a fine tradeoff. For me, it was a reminder of something I should have known already: open standards are valuable, but they are not the same thing as open implementations, and the gap between those two is where a lot of our privacy has been quietly redefined out from under us.

If you're building a self-hosted smart home, build it with your eyes open. Check the commissioning path before you check the feature list. Assume nothing. Own the radio if you can. And keep an old iPhone in a drawer, just in case.