Scan shows unknown state #38

@treble37

I have 2 Raspberry Pi 5 devices set up to experiment with a BLE MITM on a test home device. One is the "central" Pi device and the other is the "peripheral" Pi device to run node scan on. I'm trying to get gattacker node scan to work, but I keep getting an "unknown" message. I followed the setup from a blog post (it's a little dated as it references Node 8, but the content seems reasonable). I'm really just looking for other steps I might try to troubleshoot, as between some outdated Internet articles and making forked copies of various NodeJS packages to deal with dependency install issues, I'm a bit out of ideas on what to try next.

Any ideas? Booting up bluetoothctl and then issuing a scan command there yields some output of MAC addresses for various nearby Bluetooth devices, but for some reason gattacker just seems to hang on the "unknown" message. Below is my setup.

Setup

In ~/node_modules/gattacker/config.env, for the "central" Pi device where I run node ws-slave, config.env looks like (note that I use hci device id set to 1 because I started experimenting with a Kinivo Bluetooth adapter thinking that the built-in BLE adapter on the Raspberry Pi 5 might be using a version of Bluetooth not described in the various online tutorials I came across. But I had the same issues using the default Raspberry Pi 5 BLE adapter):


# HCI devices.
# ws-slave - "central" device connecting to target peripheral
# NOBLE_HCI_DEVICE_ID=0
NOBLE_HCI_DEVICE_ID=1
# "peripheral" device emulator
# BLENO_HCI_DEVICE_ID=1
# advertising interval - minimal = 20ms
# BLENO_ADVERTISING_INTERVAL=20
# ws-slave websocket address
WS_SLAVE=127.0.0.1
# path to save advertisement and characteristic files of devices
DEVICES_PATH=devices
# path to save log (dump) of all the data exchanged with device
DUMP_PATH=dump
# display websocket client messages in console
WS_DEBUG=0

In ~/node_modules/gattacker/config.env, for the "peripheral" Pi device where I run node ws-slave, config.env looks like:

# HCI devices.
# ws-slave - "central" device connecting to target peripheral
# NOBLE_HCI_DEVICE_ID=0
# "peripheral" device emulator
# BLENO_HCI_DEVICE_ID=1
BLENO_HCHI_DEVICE_ID=1
# advertising interval - minimal = 20ms
BLENO_ADVERTISING_INTERVAL=20
# ws-slave websocket address
# WS_SLAVE=127.0.0.1
WS_SLAVE=199.254.22.120 # sanitized address here for this github comment
# path to save advertisement and characteristic files of devices
DEVICES_PATH=devices
# path to save log (dump) of all the data exchanged with device
DUMP_PATH=dump
# display websocket client messages in console
WS_DEBUG=0

Running sudo node ws-slave on the "central" Pi yields:

GATTacker ws-slave
ws -> connection
ws -> send: {"type":"stateChange","state":"unknown"}
ws -> close
ws -> connection
ws -> send: {"type":"stateChange","state":"unknown"}

Running node scan on the "peripheral" Pi yields:

node scan
Ws-slave address: 199.254.22.120
on open
unknown
state unknown - waiting...
