How to Disable DAA SLA Authentication on Xiaomi /Poco /Redmi devices

DAA (Download agent authentication) and SLA (Serial Link Authorization) is a security feature that Xiaomi Implement on their Mediatek devices to Prevent unauthorized flashing. once DAA or SLA Authentication implanted it will prevent flash tool to write any device partition without completing the challenge.

In the case of DAA Protection You can bypass it by loading a custom or slightly Modified DA (Download agent file) in SP Flash tool. but in case of SLA You can’t load a DA File without completing the SLA challenge which is done through the Special account called Authorized MI account or ID that are given to service center for repairing Xiaomi devices.

How SLA works:

that’s simple, during the flashing, device generate a decrypted random string if BROM (boot ROM/EDL) validate this string it allow partitions writing if not then flash tool show a BROM error.

Supported Xiaomi /Poco /Redmi devices:

  • all Xiaomi MTK Phone, added Latest Note 10T & K40 Gaming edition

Download Links:

  • Xiaomi DAA & SLA bypass tool V3: Download
  • Xiaomi DAA & SLA bypass tool V2: Download
  • NEW USBDK Driver (Latest Version dropped support for LIBUSB) : Download

V2 Changelog:

  • added Support for MT6261, MT6580, MT6582, MT6763, MT6799

How to Bypass DAA and SLA Protection on Xiaomi:

  • Download & extract all above files on your computer
  • Install Mediatek driver on your computer
  • Install Python on your computer
  • You need to do as in the screenshot

  • Run CMD and type below code
python -m pip install pyusb pyserial json5

  • on Phone Press Vol+ & connect it to the PC
  • Go to the bypass tool folder
  • Launching brom.bat
  • Close Window & Open the SP Flash tool folder
  • Run flash_tool.exe

  • on SP flash tool Setup Connection Like below Images
  • Click Options > Options > connection and make the settings as in the screenshot (UART connection mode)

  • done, don’t disconnect Your Phone from Your computer and perform target action Like FRP/account/pattern bypass or full flashing.