See below for updates.

IF YOU BREAK YOUR BOOT0 PIN. DO NOT DM ME ASKING FOR HELP. THAT'S IT. YOU BREAK THAT PIN AND YOU CANT FLASH. YOUR CHIP IS STUCK WITH WHATEVER HWFLY PUT ON IT


Pre-requisites:

---

• Raspberry Pi Zero W
  • You may use another flasher if you desire.
• Pinout Diagram
• Modchip Diagram
• FULL_CHIP_STOCK.bin
• Modchip Diagram, find the PA9(TX) and the PA10(RX) pins on your modchip, and do the following:
  • Connect GPIO14(TX) on your Raspberry Pi Zero W to the PA10(RX) pin on your modchip.
  • Connect GPIO15(RX) on your Raspberry Pi Zero W to the PA9(TX) pin on your modchip.

1. Solder a wire to each of the following pinouts on the Raspberry Pi Zero W:
   • 3.3V
   • Ground
   • GPIO 14 (UART TX)
   • GPIO 15 (UART RX)
2. Do the following to prepare the modchip:
   1. Lift pin 44 (also known as BOOT0).
   2. You will need a way to power the chip, so you need to find two 3.3v points. It can be on a MOSFET, but it will differ based on the revision of the modchip.
   3. Connect Ground on your Raspberry Pi Zero W to the Ground pin on your modchip.
   4. Check the Modchip Diagram, find the PA9(TX) and the PA10(RX) pins on your modchip, and do the following:
      • Connect GPIO14(TX) on your Raspberry Pi Zero W to the PA10(RX) pin on your modchip.
      • Connect GPIO15(RX) on your Raspberry Pi Zero W to the PA9(TX) pin on your modchip.
3. Boot your Raspberry Pi Zero W and do the following:
   1. In the terminal, type the following command, and press enter:
      

      sudo nano /boot/config.txt

   2. Add the following line to the end of the file:
      

      dtoverlay=pi3-miniuart-bt

   3. Press CTRL + X to save and exit the editor.
   4. In the terminal, type the following command, and press enter:
      

      sudo nano /boot/cmdline.txt

   5. Remove the following line from the file:
      

      console=serial0,115200

   6. Press CTRL + X to save and exit the editor.
   7. Restart your Raspberry Pi with this command
      

      sudo /sbin/reboot

   8. In the terminal, type the following commands, and press enter after each command:
      
      

      git clone https://github.com/Pheeeeenom/stm32flash.git
      cd stm32flash
      sudo make install

4. Now you will flash the modchip.
   Note: This will remove read protection, and the modchip will wipe itself (that is what we want).
   1. In the terminal, type the following command, and press enter:
      

      stm32flash -k /dev/serial0

   2. Now to flash Spacecraft-NX Version 0.2.0, type the following, and press enter:
      

      stm32flash -v -w ./FULL_CHIP_STOCK.bin /dev/serial0

5. Once you're done flashing your modchip, remove the wiring from the modchip, and restore the 3.3v pin on the modchip to its original position.

Please post pictures of your work here to further the identification of the different board revisions!


UPDATE: So it seems like stitching the spacecraft bootloader and firmware together from the repo causes unstable glitching behaviors. For now, consistent glitching behavior works with this bootload/firmware combo. This is the original file on the OLED variant chip which has 0.2.0 spacecraft. As for glitching, I'll figure it out, give me some time...unless someone else wants to hop in and reverse the differences.

For now, this at least solves the 0.1.0 HWFLY gen 3 issue. More to come.

UPDATE 2: This is only going to work on some HWFLY chips. Older ones use higher protection than the new revisions that seem to use the QFN FPGA.

UPDATE 3: This should fully work on OLED modchips with the QFN FPGA. https://github.com/Pheeeeenom/firmware

 

[yee]

At the rocket ship splash screen, the bottom right corner says "R0.22 H1.0".

Is this Spacecraft 2.0?

 

[doom95]

Yes

 

[yee]

Yes

Thanks. No reason to flash it with Mena's 0.40 if it's working fine and glitching properly I take it?

 

[doom95]

See https://github.com/hwfly-nx/hwfly-toolbox/releases/tag/1.0.0 and https://github.com/hwfly-nx/firmware/releases/tag/0.5.0 for HWFLY modchip toolbox. It supports GUI flashing without USB and SWD.

 

[Vladjaye]

See https://github.com/hwfly-nx/hwfly-toolbox/releases/tag/1.0.0 and https://github.com/hwfly-nx/firmware/releases/tag/0.5.0 for HWFLY modchip toolbox. It supports GUI flashing without USB and SWD.

We can flash any firmware this way? Or only compatible with the fancy flashing method?
Can we flash Mena's r40 for example? Or maybe original Chinese r22? Willing to test it shortly

 

[doom95]

Yes. But included 0.5.0 is improved in several regards, and is the only one providing additional toolbox functionality. It has all 0.4.0 improvements and more.

 

[Dean_]

See https://github.com/hwfly-nx/hwfly-toolbox/releases/tag/1.0.0 and https://github.com/hwfly-nx/firmware/releases/tag/0.5.0 for HWFLY modchip toolbox. It supports GUI flashing without USB and SWD.

Great! One thing I want to say is that you should disable hekate autoboot. Otherwise, if you press VOL+ and power button, it boots straight to HOS.

 

[Vladjaye]

Yes. But included 0.5.0 is improved in several regards, and is the only one providing additional toolbox functionality. It has all 0.4.0 improvements and more.

Amazing! Would love to see more details about the toolbox functionality. What is deep sleep mode? Do we have to manually restore\reset training data after flashing?
Also, the git instructions have this: reboot while holding VOL+ (verify: modchip green light stays on)
How we start reboot process? Press and hold power while holding vol+?

 

[lufeig]

See https://github.com/hwfly-nx/hwfly-toolbox/releases/tag/1.0.0 and https://github.com/hwfly-nx/firmware/releases/tag/0.5.0 for HWFLY modchip toolbox. It supports GUI flashing without USB and SWD.

thank you very much, succesfully updated as per instructions!

 

[doom95]

Amazing! Would love to see more details about the toolbox functionality. What is deep sleep mode? Do we have to manually restore\reset training data after flashing?
Also, the git instructions have this: reboot while holding VOL+ (verify: modchip green light stays on)
How we start reboot process? Press and hold power while holding vol+?

After glitch normally modchip goes to deep sleep. Holding vol+ causes it to stay awake so it can take commands from toolbox.
Reboot simply by power off from menu, then use power button.
No need to store/recover training data.

 

[Vladjaye]

After glitch normally modchip goes to deep sleep. Holding vol+ causes it to stay awake so it can take commands from toolbox.
Reboot simply by power off from menu, then use power button.
No need to store/recover training data.

Successfully flashed it, thanks! I'm used to the repeated training session after firmware flashing through USB. This time there was no training session. Is it normal? Do I have to reset it if one of the boot processes took 4-5 blinking purple leds? I do get a new NO SD (Hekate) screen though.

 

[doom95]

Training params are for the FPGA. Firmware changes cannot influence success rate of existing parameters, so retraining is not needed. If you want retraining, use 'reset traindata' from toolbox.
New Loader (which shows NO SD screen) is much faster, works regardless of RAM type, works with all SD cards, and is required for toolbox.

 

[Vladjaye]

Training params are for the FPGA. Firmware changes cannot influence success rate of existing parameters, so retraining is not needed. If you want retraining, use 'reset traindata' from toolbox.
New Loader (which shows NO SD screen) is much faster, works regardless of RAM type, works with all SD cards, and is required for toolbox.

I see, but just for a reference - do we have to remove SD card before using reset traindata in the toolbox? Thanks!

 

[urherenow]

2. run hwfly_toolbox from hekate

^This is actually confusing. You mean NYX, right? Then again, it's also confusing hearing people say they've upgraded with these instructions, when 0.5.0 is the latest, and 0.5.0 is required for the toolbox to work

 

[Dean_]

2. run hwfly_toolbox from hekate

^This is actually confusing. You mean NYX, right? Then again, it's also confusing hearing people say they've upgraded with these instructions, when 0.5.0 is the latest, and 0.5.0 is required for the toolbox to work

You can use toolbox without flashing 0.5.0, but it has limited function.

 

[urherenow]

wait, ok, I get it. The sdloader.enc does... something... and allows the vol+ to keep the mod chip active, so that it can then flash the bootloader and firmware, right? And am I to understand that this is compatible with this chip?

 

[Vladjaye]

wait, ok, I get it. The sdloader.enc does... something... and allows the vol+ to keep the mod chip active, so that it can then flash the bootloader and firmware, right? And am I to understand that this is compatible with this chip?

Yes, it is for this chip. Sdloader.enc replaces the white NO SD screen with the black one that shows even on Micron memory Switch consoles

 

[FR0ZN]

Oh boy, so we now have 3 firmwares for this chip?

1) from whoever made r021/r022
2) Menas 0.4.0
3) And now this 0.5.0

Correct?

 

[Vladjaye]

I believe that the r21 and r22 are from the same source as whatever the firmware that comes with chip originally. The 0.5.0 I believe is Menas based. Just my assumptions.

 

[doom95]

r21 and r22 are not open source, 0.4.0 and 0.5.0 have sources. anyone can do their research