After a user reported that the settings on their Krux device changed unexpectedly, and with the disclosure of threads like "Dark Skippy" I decided to invest time in protecting Krux from tampering.
My first objective was to investigate if it was possible to implement some type of tamper protection for Krux K210-based boards, such as secure boot. The K210 specifications mention firmware encryption and One-Time Programmable (OTP) memory, which could make secure boot viable, but there was no documentation on how to implement it.
The lack of documentation didn't stop us from exploring K210 features before, so I started a quick investigation.
My first finding was that I was not the first to explore these poorly documented characteristics of the K210. Wladimir van der Laan, while still the lead Bitcoin Core maintainer, conducted a deep investigation into the K210, also trying to determine how to use the chip's OTP memory.
[Wladimir's OTP Layout Documentation](https://github.com/laanwj/