I think I would probably argue as well that the bootloader should be
able to run completely independent with no user image flashed, with the
ability to flash a first image over serial, but that's just my own
opinion and biased expectations in a bootloader. Obviously, I'm curious
to hear what everyone else thinks!
There should perhaps also be an options for a fail-safe mechanism to
boot into 'bootloader only' mode (polling a pin at startup) where no
firmware is executed, but you can still talk to the bootloader via the
'newtmgr' tool to flash an image, etc.
BLE complicates things, but keeping 'serial' as a baseline in the core
bootloader image should add a great deal more resilience to mynewt
devices, particularly if you're devices cost several hundreds dollars
per unit and aren't just say $30 nodes that you can pull out and replace.
K.
