You may remember that back in September @wololo posted an article on his website containing a message from the developer of the Blackfin to the owners of the device, threatening to release all info about it unless he was paid.

You can read about it here:


Today the developer released the Blackfin software. Here is what he has to say about it:


My second release. This is a much bigger one, and while it’s the BlackFin software itself (with some info on the BT dongle), it will be very useful for many things other than controlling BlackFin hardware. You get a GObject Serial communication library, a Bluetooth implementation for the TI chips, a simple API wrapper for libftdi/libftdxx, a patch to libexfat to add support for GC filesystem, a lot of information on the filesystem used and communication protocol. This is simply massive with about 33k lines of code total, and I’m sure it will take some time for the community to go through it and extract all the things it can find useful in it.

The code was started in 2013 and finished in 2016, I always meant for it to be released as GPL, but was prevented from doing so at the last minute. It already had a README file which has a lot of explanations on the files, design, protocols and filesystems, but those might be slightly out of date.
See the notes for more details on the code release and an update to the existing readme data.
The g-serial files are released under MIT license as they are the GObject port of an existing MIT-licensed project. The libexfat files retain their license and copyright, and a patch against upstream is provided for review. Everything else, apart from DirectC, is to be considered GPL licensed.

Then it turns in a different direction, and the developer expresses how upset he is at the comments that @Yifan Lu made about him. Here is the text in its entirety; it’s actually longer than the first bit:


I’ll use this announcement to say something to Yifanlu who was very vocal against me, delighting in joyful bitterness and enjoying the fact that I was not paid for my work. Bashing someone for the simple joy of bashing them is ridiculous, you think that motoharu got further than “a pirate contract in 4 years” and you say “real skill doesn’t compare” [1] when you so clearly haven’t even read the released files is pathetic. What motoharu has done is amazing, it is a lot of work and in some aspects he achieved more than I did, but he also achieved it 4 years after me, and in a completely different way. He reversed the authentication protocol through kernel/ASM reverse engineering while I used the Vita as a black box and reverse engineered it through analysis of exchanged data, logic analyzers and brute forcing commands and arguments. Just like he achieved more than I did, I have also achieved more than he did, but both did it in a different way. I think we both complete each other’s work and I am happy to see what he has done and I am happy to share my findings with him to help complete the bigger picture. I am a human being, just like you, I need to pay my bills and survive in this world, just like everyone else. I work on a contract, and (usually) get paid for it. I’m not responsible for what people do with the code, just like you’re not responsible for people using Henkaku (your work) to pirate games, so drop down from your high horse and don’t use your “on the internet? LUL”[2] argument for being a bully. The internet does not justify being rude to people.
The BlackFin device does have legitimate uses, and whether or not it was promoted or even sold as a piracy device, it is irrelevant to me. I was simply happy to be provided high end hardware and be financed to crack the mystery of the Vita. I’ve been had by an untrustworthy person, and that is not cause for celebration. Especially if you hate Cobra and piracy-enabling devices, why are you celebrating that the only person benefiting from the situation is the owner of the Cobra business? Haven’t you done the same thing by the way? You just crowd-funded your efforts instead, and now you’re selling a device which you know and can’t deny is being used by people to enable them to pirate more easily. Let me be sarcastic and just point out how non-hypocritical you are.

Here is a story for you. I had reversed most of the GC protocol and authentication even before the US release of the Vita. I have here a video timestamped May 8th 2012, showing me running a full game being streamed entirely from my PC through an FPGA emulating the Vita GC protocol and proxying commands/receiving data over a serial connection with the PC. That proof of concept is beyond what was achieved by anyone else at that time, and maybe even today, and it would not have been possible without the proper hardware and financial backing necessary.
The four years that followed were what was necessary to go from that proof of concept to an actual working product. Have you ever actually seen a BlackFin device? I may be pissed at Cobra, but I am still amazed at what we have achieved. The BlackFin GCEmu (Game Card Emulator) is such a ridiculously small device. It’s a 15x15mm PCB, of 0.4mm thickness, which packs an FPGA, a Bluetooth module microcontroller, a security microprocessor, an antenna, and battery (in the form of capacitors, able to keep the device running for over a second). The miniaturization efforts were enormous, getting the FPGA code to actually fit in such a small FPGA footprint was a challenge, having to rewrite the code in order to decrease the bitstream to less than 10% its original size when it was running on a full-sized FPGA. Getting the Bluetooth to work even though the Vita card holder is shielded was a challenge, keeping the device powered while the Vita shuts off the power to the device was a challenge. We actually wasted one year in testing out numerous batteries, various ultra slim (100 micron) thick batteries, and testing various components for power consumption, because the Vita will shut down the power to the device if you don’t authenticate after 2 seconds and it’s not enough time for a user to choose which game they want to play. We eventually had to fall back on using capacitors that are capable of holding the device powered for over a second, just enough to keep the INS line asserted long enough for the Vita to timeout on the ‘card ejected’ signal and allow us to ground the INS line again once power runs out of the capacitors and the Vita picks up on the new ‘card inserted’ event, allowing us to keep the card powered for an indefinite amount of time, with 1 second lapses every 15 seconds during which the device goes into low power mode, asserting INS and the Vita thinks the card was ejected and reinserted.
We also had to include a microSD inside of such a device, have both an MMC client implementation, and an SD card host controller, as well as Bluetooth communications and encryption support to fit within a 3x3mm footprint FPGA. Of course, we also had to discover micro injection molding in order to make the plastic casing for the device with under 0.1mm thicknesses in some areas, with baffling accuracy and error margins (which forces the use of ultrasonic welding since we can’t glue the pieces together). We couldn’t even put a sticker with the logo on the cards because it would make it too thick, so the card had to have the logo printed on the plastic instead.
Now that’s just a quick GCEmu summary of challenges, I’m not even talking about the challenges for the GCReader, on getting a custom made card slot designed for us, or the hardware challenge in getting the GCReader to detect when a GCEmu is inserted in it without allowing a Vita to discover that the inserted card was a GCEmu, or the software challenges of writing the Bluetooth embedded firmware, how to improve throughput and exchange data between the device and the PC using Bluetooth Low Energy, which was never meant for high throughput data exchanges. Also, do you realize that we had to define a good and usable filesystem for the games and implement the filesystem support in the FPGA while making sure it takes a minimum amount of gates and doesn’t impede on the performance either? Obviously an NTFS or FAT32 implementation alone would have busted our gates threshold in the FPGA.
The entire story of the BlackFin would be too long to tell, at least for today, but I think that your saying “real skill doesn’t compare” when you didn’t even read the notes of the release (which clearly stated that information was from 2012 and was a first of many releases, and you thought it was the culmination of 4 years of work) is showing a poor character on your part. You judge and try to deliberately humiliate and make fun of other people’s misfortunes. I had respect for your skills before, but today I am sorry to realize the kind of person you are, behind those skills.

I will also take this opportunity to say something to wololo as well as others like him, who, while being against piracy, have not let that taint their opinions, and have shown empathy for my situation. You didn’t have to but it is appreciated and it shows your good nature, so thank you.

My final announcement is for everyone who is hoping that these releases will somehow unlock 3.61+ firmwares. I do not think that to be the case, however, with the work of motoharu and others in the community, the entire authentication algorithm could soon be reverse engineered and game backups running on the latest firmware should be possible. This release would cut down a huge amount of time in setting up the foundation for the software controlling a potential open source device that would work similarly to the BlackFin device but without the P2P aspect of it.


I was going to counteract his arguments against Yifan, but I can’t be bothered. Check the download at the source:

Vita Reverse Engineering Leak (Cobra Blackfin) – part 2
