I purchased one of these: https://www.amazon.com/gp/aw/d/B078NPGFMH does anyone know how to control using node red?
Hmm, Wi-Fi based, no hub, remotely controllable via an app - that means that the lightbulb talks over the Internet to a remote server run by person or persons unknown. I've no idea how they plan to keep the servers running as they don't charge you for the service - oh wait, yes I do! You can bet there is some kind of tracking and selling of data to 3rd parties in there somewhere
I can't find any evidence of anyone having reverse engineered the protocol it uses - that would be the first port of call as you could then turn off Internet access for the bulb. If the app is capable of working without the Internet, you could probably intercept the traffic and work things out. Bit of a specialist job though as it likely has some simplistic encrypted token that you would need to work out.
However, if you are OK with the lack of security, you can simply work with IFTTT or indeed one of the Google Home or Alexa nodes and control it that way. Just note that IFTTT isn't generally "real-time", there may be quite a delay sometimes. However, it is the simplest to set up.
Remote server to a person's unknown? There are a lot of connection options they could be using. Websockets, mqtt . . . They could be using a microcontroller like an esp8266 to host a local webserver for setup or an esp32 that hosts both a webserver and can communicate through Bluetooth. Either way, it does not communicate to some random server to work. My question though was regarding the payload data that you would have to send to it to control it. Is anyone familiar with this light?
lots of options they could be using... - the ad says for more info see their website... and for me that is one that is auto-blocked by our firewall as being of dubious reputation and likely to contain malware... so sorry - not going to investigate (if I even could
https://github.com/ct-Open-Source/tuya-convert --- its a way to flash a lot of iot devices that were private label made by Tuya... with custom firmware that will let you push mqtt messages to it and therefore be controllable via Node-Red
youtube has a lot of stuff too about tuya-convert. I've done a lightbulb and a smart switch so far.
As Dave says, it is worse than a random server - it is a server run by an organisation that doesn't charge you though it certainly costs them money - how to they make money? If the service is "free", the money will come from you in a different way or they will go out of business - at which point your devices will likely be useless anyway. That way is almost certainly selling information about you to unknown 3rd parties.