There's a new tool in the hardware hacking arsenal that lets AI agents talk directly to your motherboard's BIOS chip. Ratchet, posted to Hacker News by developer jackulau on June 19th, is a Rust-based hardware debug and flash-programming toolkit built around the ubiquitous CH341A USB programmer—and it ships with a native MCP (Model Context Protocol) server that exposes its full tool surface to AI agents like Claude Desktop.

What Ratchet Actually Does

At its core, Ratchet replaces AsProgrammer and NeoProgrammer for SPI flash operations while consolidating functionality scattered across flashrom, avrdude, esptool, stm32flash, and OpenOCD into a single self-contained binary. The toolkit supports CH341A (1a86:5512) and CH347 (1a86:55db) programmers with live hardware support for SPI flash operations including read, write, verify, erase, region-erase, blank-check, and SFDP detection. It also handles I2C over both bit-bang on the CH341A and native mode on the CH347, plus JTAG IDCODE scanning via the CH347's built-in JTAG engine. The project maintains a database of 806 flash chips from manufacturers including Winbond, Macronix, GigaDevice, SST/Microchip, Spansion/Cypress/Infineon, Micron/Numonyx, ISSI, AMIC, XMC, PUYA, ESMT, Intel, and Atmel/Adesto. Chips larger than 16 MB automatically switch to 4-byte addressing, with the mode exited after each operation completes.

The MCP Server Changes Everything

What sets Ratchet apart from traditional flash tools is its built-in JSON-RPC 2.0 MCP server (ratchet-mcp) that exposes 30 tools—18 for SPI-flash and BIOS analysis plus 12 for hardware protocols—to AI agents over stdio. This means an agent can autonomously perform a full BIOS recovery workflow: detect the programmer, identify the chip via JEDEC ID, backup the current contents, analyze the image, repair any corruption, write the new firmware, and verify the result—all without human intervention beyond providing the known-good BIOS file. The MCP surface includes tools like detect, identify, read_chip, write_chip, verify_chip, erase_chip, analyze_image, bios_regions, nvram_vars, search_chips, chip_info, post_decode, failure_search, voltage_reference, i2c_scan, i2c_read, i2c_write, and jtag_idcode_scan. Tools that haven't been wired to live hardware yet (UART sniff, SWD dump, AVR/ESP/STM32 programmers, logic analyzer capture) return honest JSON-RPC errors rather than fake successes.

Safety-First Design Philosophy

Ratchet is explicitly designed not to brick your board. Every destructive operation auto-backups the current chip contents to a timestamped file before programming. The write command reads back and verifies against the source image, polling the Write-In-Progress bit after every erase and program operation to prevent race conditions—critical since chip-erasure can take tens of seconds on larger devices. The tool enforces multiple guardrails: writes refuse all-0xFF or all-0x00 images (blank/failed dumps that would wipe working firmware), rejects files larger than the target chip's capacity, and blocks operations on write-protected silicon. Destructive MCP tools require a "confirm": true argument—calls without it get an error, so agents can't accidentally trigger writes. Most importantly, the CLI refuses to silently fall back to a mock backend for destructive operations when no programmer is attached. Only an explicit RATCHET_FORCE_MOCK=1 bypasses this protection, and every destructive operation's output includes a backend field so agents can verify they're targeting real silicon.

Architecture and Status

Written entirely in Rust without Node or Python runtime dependencies, Ratchet uses custom libusb FFI via bindgen (no rusb or nusb) with safe RAII wrappers. The workspace comprises ratchet-usb-sys for low-level USB bindings, ratchet-core containing the chip database, backends, BIOS analyzer, protocol implementations, and programmer logic, ratchet-cli providing 39 top-level subcommands via clap, and ratchet-mcp exposing tools over JSON-RPC. An optional Node.js bridge (ratchet-node) via napi-rs serves consumers needing Node integration. The project claims 472 unit and integration tests passing with a LoopbackFlash test bus that emulates SPI NOR behavior for offline write-path validation.

Installation and Current Status

Ratchet is pre-release software with no GitHub Releases published yet—installation requires building from source via cargo install --path on the Rust workspace. Requirements are Rust 1.82+ and libusb-1.0 installed system-wide. On macOS, CH341A/CH347 devices load no kernel driver since they're vendor-specific USB devices, allowing direct access through IOKit without kext signing or Zadig manipulation. The tool is MIT licensed with full source available on GitHub at github.com/jackulau/ratchet. A quick-start workflow for fixing a corrupt motherboard BIOS involves clipping onto the SPI chip with power off, running ratchet status and identify to confirm connectivity, backing up current contents via ratchet read backup.bin, then executing ratchet write new_bios.bin or the one-shot pipeline ratchet full-repair --reference new_bios.bin.

The Bottom Line

Ratchet's MCP integration represents a real shift in how hardware recovery and low-level debugging could work—if you've ever wanted an AI agent to handle that 3 AM emergency BIOS flash while you grab coffee, this is the path. The safety-first design and honest error handling suggest someone who's actually bricked boards building tools with real-world failure modes in mind.