V60Mini-firmhack
V60Mini-firmhack copied to clipboard
pellettiero
Update thread
I'd love to see the V60 mini's firmware opened up for hacking. This project hasn't seen any activity in a while and is still WIP. Any updates?
Hi Kevin,
unfortunately, as of some IRL events, I haven't updated this project in many months. The will to finish this is still there though (I still possess the keyboard). There are 2 main problems:
- Little to no experience in C, especially for embedded devices
- I'm afraid of bricking my precious V60 :'(
I saw some of your posts on geekhack too. ( if you're the same person, that is) I'll try to update the repo in the next hours with the instructions and stuff, could you please see if anyone else is interested in this? Pull requests welcome.
Thanks pellettiero
just a newb question, what does this custom firmware (when its done, hopefully) let me do to the keyboard?
Probably very similar to the CM QuickFire Rapid i hack by Jeroen at spritesmods.com
e.g. change keyboard layout, program LEDs, custom functions etc.
Just an update/heads-up for y'all: the decryption part is currently working and the firmware should be correctly decrypted if you use the getflashimg.sh script.
I don't know what to do with the firmware though, suggestions?
Also tell me if we should move this to a new issue, thanks
Tagging this for updates - I just purchased a V60GTR, and am interested in being able to make firmware changes. I'm also not sure exactly what I'd like to do yet, but it looks like this project at least makes things possible.
Yeah, me too. I'm specifically interested in getting jkl;as arrow keys.
That's why I'm interested too. I asked them on facebook if they'd be open to release a new firmware with a different layout and they answered that they'll launch a new keyboard with an AVR controller that will allow remapping and I replied that I'd like to be able to use the keyboard that I already own :) Maybe if more of us will chime on it at least we'll get a more usable layout for the second layer.
Sorry for kinda neglecting this, but... BIG UPDATE It is now possible to unlock the keyboard's flash and dump it! I still need to find out the XOR bootloader key to figure out how it encrypts all this, but I'm pretty stoked so far!
Sweet! The number row on my board started chattering like crazy. KBparadise shipped me new switches. I picked up a KC60 in the meantime and am blessed with the freedom to completely customize the board. Can't wait to have that ability on my V60!
I'm still interested in this, though I've not thought about it in a while. I use my V60 as my primary keyboard on my desktop, and while I'm thinking about replacing it, I think if I could remap I'd probably wait a while.
My problem is, while I'm a dev, I don't really know where to start on a project like this. I haven't much experience writing C, though I can read it fine, and don't think it would be an issue to pick it up - but I don't have any experience at all hacking on keyboard firmware. If someone could point me to a resource or two, I'd greatly appreciate it and would attempt to reciprocate by contributing here...
Oh wow, it's been a while since I've been here. Sorry for the long wait everyone! I think I should probably get you up to speed on the latest news:
- This repo, or at least parts of it, are still valid! Some really important things changed though, and I'l try to implement them here in the upcoming days. This at least for the "unlocking the keyboard" part.
- For the custom firmware, I'd suggest to have a look here: https://github.com/pok3r-custom/qmk_pok3r where you can find some more updates on the state of it. Support to implement QMK on the v60 will be coming after the POK3R line is stable, I think.
Thank you all for waiting this far, glad this project is still alive and kicking!
Looks like the v60 is "planned" per the readme, but excited to find this issue indicating @pellettiero and others are still interested in this. I am watching the https://github.com/pok3r-custom/qmk_pok3r but am curious what the best way to get up to speed and possibly start helping bring it to my v60 keyboards.
Thanks!
Just commited an update to the repository:
You can now download the patched firmware exe directly from here and unlock your keyboard immediately for usage with pok3rtool.
Also new update to the README, with instructions on how to use pok3rtool.
Now, @chaseadam about your question, it is only possible to "unlock" the keyboard at this moment, and it's not even a "full" unlock, but more like a way to dump the clear, unscrambled flash and keep it as a backup.
The security bits on the Holtek flash ROM are, AFAIK, still there and need to be unlocked before attempting to port QMK/TMK on it. I should try and test if I can eventually reprogram the keyboard via JTAG, although I don't have a programmer device (Segger) to do so.
Might try with a Raspberry Pi and some bitbanging using the GPIO, although I'm not sure if and when I'll have some time to try it out, let alone risking my keyboard on that.
Plus, I'll need some people to test something out, such as whether you need to be on 1.0.7 before attempting to unlock the keyboard or just going straight for it, or a way to flash the keyboard with the modified firmware directly from Linux itself.
Thank you all so much for sticking around, glad to see there's still activity! <3
I don't have a JTAG debugger yet as well, but it is an investment that makes sense for ~$70: https://www.adafruit.com/product/1369. I will throw down for one for my keyboard if that helps convince you.
Thanks for the pointers about the flash security bits. Will use https://github.com/pok3r-custom/pok3r_re_firmware/wiki/HT32-Unlocking as a guide. I received my jlink clone (<$10) and will start poking around the flash bits in the coming week.
Oh hey! Sorry for the long wait again. And no problem, that's great news! The unlocking is more or less the easy part, the harder part is of course to write and compile something that works for the v60. So yeah, if you need other pointers, I'm definitely available to help out!