[zibzab]

I used this with miband, but then xiaomi went full-google and requires their watches to connect to their network before the first use.

I wonder if I can buy a second hand miband and get around that.

[vanous]

You can still get the key from huami servers and say good by to xiaomi scientists checking your data.

[zibzab]

Can you do that without installing their app which will have access to your contacts and location upon first access?

[vanous]

Well, you need to install the app at least once, no need to give it full permissions. You might also use a burner device. Once your device is paired, you can remove the app and go to fetch the key.

Search for huami-token on github or for Huafetcher (android version of the same) on Codeberg.

And read our wiki

Disclaimer: I did the Kivy wrapping of huami-token for Android.