Sorry, that's not really accurate. The last generation S and X don't use Bluetooth at all, the reason the keyfobs were updated was because the encryption used was only 40bit and could be cracked by modern computing within a few seconds so a key could then be cloned. The new fobs doubled this to 80bit. Read here for more
Tesla rolls out Key Fob security update for Model S to address risks of cloning
Neither that, or Bluetooth LE used on 3, Y and the newest S and X have time of flight protection as far as I've read. Bluetooth specifically doesn't have a mechanism other than requiring a short time to get to the car, but it's already demonstrated that with optimised electronics this isn't a barrier to relay attacks. See
Technical Advisory – Tesla BLE Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks
There are other mitigations in the Tesla's key mechanism, the details of which aren't published, but I can see there certainly seems to be some use of GPS to determine locations and RSSI to range the distance from the car, but these are clearly not fully guaranteed.
UWB which is on some BMWs and the Apple CarKey stuff does support time of flight, but it needs the UWB hardware which is far from ubiquitous on phones at the moment. So as per NCC Groups advice, use Pin2Drive to mitigate the risk.
)
