Vita Hacking History
The PSVita security was immediately recognized as one of the toughest on the market for a mobile device. It was even more secure than the PS3 or iOS ! Finding an entry point was going to be tough, but the PSVita has the PSP hardware inside and can run a sandboxed PSP environment. And we know that PSP was Sony's most hacked device, so naturally, hackers began to search through the PSP side of the PSVita to create a hack. Many vulnerabilities were found but the biggest drawback is that it wasn't enough to do a native hack of the PSVita. As such the only thing that came out were ePSP hacks. What can we do with that? Well not much. We had vHBL hacks which were just HBL injected inside a PSP game on the vita. It allows loading PSP homebrew on the PSVita which was interesting for using emulators originally developed for the PSP.
Sony fight was one-sided. Hackers find a vulnerability in a PSP game, Sony simply removes the game from the PStore.
Aside from vHBL we had two main ePSP hacks : TN-V and Ark. Ark was just an iso loader while TN-V was a full ePSP CFW that implemented the XMB menu (like adrenaline). It was made by the talented TotalN00b from the PSP hacking scene. We also had TN-X for loading PS1 games ad TN-C which is the ark equivalent made by Total_NOOB.
Ark on a PSVita
TN-C on a PSVita
TN-V recovery menu
TN-X launched from a PSX game exploited
The 14 September 2014, a leak of more than 50 ePSP exploits was released online by Acid_Snake and qwikrazor87. This split the community into two sides : those who think that hackers will finally try to find a native hack of the PSVita, and those who are totally unmotivated to continue after this and decide to drop the PSVita hacking community.
3 years after the release of the PSVita, nothing has been done natively and people lost hope about a PSVita native hack and decided to hold on to those ePSP hacks thinking it's the best that the PSVita has to offer. We also lost Total_Noob after a recent controversy where he included an erasing code in TN-X targeting TheZett (who he didn't want him to use his software after a beaf). After several conditions were met, the TN-X showed a red screen preventing TheZett from using the TN-X. If TheZett tried to bypass that by tempering with TN-X, the erasing code was activated and ux0:pspemu was cleaned.
It was a shame and Total_Noob, although his attitude wasn't liked by many in the community and his reputation tarnished after that controversy, was a big element of the PSVita hacking community and losing him only fueled the pessimism of the community about a native PSVita hack.
2015 begins with a good news : a WebKit exploit has been found on 3.18 by Hykem which is the first native hack found on the PSVita.
This exploit allows dumping a list of modules and the support of URi calls which for example allows users to boot the package manager app.
Nice, now uh can you please give me vitashell? No? Okay....
The other good news is the custom bubble method found by Mr.Gas and frtomtomdu80 (later known as Major_Tom). This method allows the user to create ePSP bubble on the live area so that we can boot vHBL directly from the liveara. It was very cool to have your own bubble but it was just an illusion of hack. Later in June 2016 a PS1 bubble method will be released. It was still an ePSP hack and the native hack hope faded away.
Vita is life, but it need to rejuvenate after 3 years
The exploit was found inside the PlayStation Mobile Development Assistant and allowed users to launch homebrew from it thanks to UVloader. And by homebrew, I mean native homebrew built with a Vita toolchain.
That cube, that damn cube
But Rejuvenate didn't have much success despite achieving the end goal of a native hack. First of all when it was announced, Sony had decided to terminate PSM program and people couldn't get their developer license needed to use the PlayStation Mobile Development Assistant. And they were also pulling out the app from the PStore. That issue will be fixed later with Mr.Gas method of fake license. The second point and the most important one was that it wasn't that powerful as piracy was totally not possible because the exploit didn't have enough privilege, and the process was very tedious. You needed a computer or an Android and create a license every day to launch Rejuvenate and it took one minute to launch a single homebrew.
Although Rejuvenate was difficult to access because of the PSM situation and how hard and inconvenient it was for the average end-user to use, Wololo tried to boost the situation with a Homebrew Contest called Revitalize.
PIxel art at its finest
This contest did bring some awesome homebrews (like our lord and savior Vitashell by the new promising dev TheFloW) but because of the awkward situation where everyone does his own stuff without any consensus. We had two homebrew loaders and 2 different SDKs instead of focusing on the Open SDK. This has discouraged a lot of devs to participate, including YfanLu who will decide to drop the PSVita scene completely.
I’m leaving the scene. I am tired of all of this.
I know it’s arrogant to assume I am the shepherd but for the last three years people have constantly asked me for help and then ignored what I said. They make me the leader–first unwillingly, then begrudgingly–and then refuse to be led.
I’m going to continue my arrogance: I’ve spent three years looking at the Vita, the file formats, and everything. I know how it works better than most people outside of Sony. The code you see is based on hundreds of iterations and fixing failures. The competition does nothing but give the illusion that two projects are all “just code” whereas UVL was written with in depth knowledge of the Vita.
The first native hack didn't go well, but it was still useful as much progress has been made with this hack and all the work and research done on rejuvenate enabled the next hack to be more complete.
Now that YfanLu is gone, the only dedicated hackers remaining on the scene were Major_Tom and Mr.Gas, and they brought up for the 3.52 firmware another exploit called the Mail trick. This exploit allows writing anywhere on the memorycard and then later, anywhere on the system. This exploit enabled customization on the PSVita with custom bubbles, Package installer bubble, no more PSTV blacklist, changing the region of the PSVita and most importantly the use of custom themes for the PSVita !
Oh someone sent me some photos? I hope it's not a virus
After that rejuvenate failed to bring piracy on the PSVita, an unknown team using the Cobra name from the PS3 scene although it's totally not the same group decided to put on sale a device called the Black Fin Cobra :
This is super hacky,
The process was simple, the black device you see is a device where you plug your games, then the device will share those games over a P2P network. Someone who wants to play for example need for speed will have to wait until someone has shared his need for speed copy with the Black fin dongle and retrieve the game over P2P to the cartridge dongle which will emulate a real cartridge with the game shared. It's like a sky3DS linker as there is no vulnerability involved.
A Bluetooth USB adapter, The black fin card emulator which is the precursor of the SD2Vita, with bluetooth included to communicate with the computer and the Black fin cartridge reader
Here's the description of the product from the website :
What does Cobra Black Fin do?The Black Fin allows Vita and Vita Slim Wifi and 3G users to share their Vita games over the internet.The Cobra Black Fin Emulator card stores game ISO's on Micro SD and the Black Fin Card is then inserted into the Vita/Vita Slim consoleWhen connected to the Black Fin servers authentication of the Vita game is performed by matching the ISO on your Micro SD card to the same original game running on a peers' Black Fin reader connected to his PC and the Black Fin servers or friends' servers.You might ask why it is necessary to authenticate the game you wish to play using an original card connected to a server?Vita has a very secure card authentication mechanism, which to date has not been penetrated and is based on secure cryptography. It is unlikely that a direct authentication method which avoids having to use a peer to peer system will appear any time soon. As a result Cobra has designed a unique and cutting edge peer to peer sharing device which allows users to share their favourite games with friends over an internet network.Vast resources have been poured into designing a flash card which is the same size as the original Vita card itself. Yes, the Cobra Black Fin squeezes all of its technology into a card no bigger than a Vita game card with tons of features and packing serious hardware power! When you look at the circuit board design and components used you start to understand the expertise and time required to pull off a design of this magnitude.
The dongle didn't meet his success for 3 reasons
- The need of using a P2P network was the most problematic one, First, you need to find someone who is sharing the game (so the Black fin dongle with the cartridge inside is active) and there wasn't a lot of users back then. So the game-sharing library was very small. The P2P was also dangerous as Sony could easily find who you were and possibly sue you for sharing games.
- The team was sketchy, didn't send any retail unit to Wololo nor any legit hacking website that asked.
- The price was too high.
A french review of the Black Fin dongle in action
The interface of the BlackFin
The dongle will disappear soon after the release after the sales didn't match the team's expectations and in 2017, the main developer of the Black Fin dongle will come forward and leak the BlackFin research and software to the public after not being paid by the Cobra owner for his hard work. It's an interesting talk that you can find on Wololo. Overall the Black fin dongle is an amazing piece of hardware that is impressive on its own with the limited knowledge of the PSVita security system back then;
This is it, after some teasing, the 29 July 2016, HENkaku was released by Team Molecule (YfanLu who decided to return yey, xyz, Proxima and Davee). This mark the end of the desert crossing as we have the first native hack that gives total control of the PSVita including installing homebrew directly on the livearea. The pain of using rejuvenate is replaced by a website you need to browse to hack the Vita. It's ironic considering how tough the security was described and that given how Rejuvenate was, we thought that we would need another complicated hack in order to jailbreak the PSVita. This also opens the door for better homebrew support and we saw it with the release of multiple utilities like moonlight. It has received several updates to include the HENkaku settings, fixing firmware spoofing after Sony decided to fight back a little before stopping completely. You can find a changelog of HENkaku here.
Wow such sexy appeal
The fact that HENkaku used a website and was not permanent meant that if you reboot and you don't have wifi access, you wouldn't be able to hack your vita to launch homebrew. Fortunately, xyz found a trick and included the HENkaku exploit inside the mail app of the vita which contains a Webkit browser inside. So we could trigger HENkaku while being offline. Just open the mail and boom hacked.
Wow the official molecule team sent me an email, I wonder what they wrote
A King Of The Hill contest was created by the molecule team in order to attract the attention of hackers toward the PSVita by challenging them to find how HENkaku worked and reverse engineer it. The code was obfuscated a little in order to provide a fun challenge. Mike H and st4rk both managed to complete it and solved the ROP chain. Team molecule then released the source code of Henkaku as well as an explanation post of how the exploit worked. Another contest was created by the four main hacking forums that is Wololo, PSX Place, PlaystationHax.it and Custom Protocol. It was named GekiHEN and helped a lot in attracting developers and shining a light on the Vita. Thanks to it we had many cool submissions that we even use today like the vita homebrew browser, custom themes manager and pfba. The contest was a success although the results were shadowed by Project Void which won the game category while being built with the official Sony SDK and not Vita SDK.
Yfanlu doesn't endorse piracy and decided to make the job harder for pirates by not giving out the necessary tools for it. But TeamFreek, composed of Mr.Gas, MajorTom and TheFloW, found a way to backup games and planned on releasing the Vitamin dumper. Unfortunately, a relative of either Mr.Gas or Major Tom who got access to the vpk betrayed their trust and leaked the program. Shortly after TheFloW decided not to release the V1.0 of Vitamin and considered quitting the scene (imagine if he did).
Vitamin? You're sure it's not drugs?
Fortunately, after that incident, TheFloW changed his mind and released the V1.0 but Mr.Gas and MajorTom decided to leave permanently. It's a big shame as they were 2 promising members of the scene (and they were fellow French).
Hey isn't that the PSP recovery menu?
After Vitamin was released another program to dump games was released by a Chinese dev. The name? MaidumpTool.
That apple looks so tasty
The dumping process was simple, load the game files in the ram and let the vita decrypt it. It was a dirty method of dumping game and did introduce several problems like save data corruption.
The two programs with the same goal in mind had many advantages and disadvantages.
- Install games as vpk, you can keep the Henkaku Safe Mode to be sure that the vpk you install didn't contain malicious code in order to prevent the "HarryPotter.vpk" situation that happened after a random user took Silica memorycard eraser vpk and renamed it into harrypotter.vpk and shared it.
- You need to transfer the vpk to the vita and install it with vitashell. This means you need double the space to install a vpk. And it took ages to install a game. There were some other tricks like using vita organizer which install a vpk from your computer to your PSVita through ftp, or extracting game assets from the vpk, transferring it through usb to ux0:app then rezip the vpk with only sys_info and eboot bin and install it with vitashell.
- Install games as a folder which means you don't need the double space to install a game. And you don't have the unzip part which means it's way faster to install a game.
- No VPK means no Henkaku Safe Mode protecting you. And that caused some problems as some people bundled inside MaiDump dump a malware that mount vs0 and os0 as read/write and deleted every file from it, thus bricking the vita
Oh yeah and at the time there was no vitashell USB support so transferring a vpk was either through ftp, or through QCMA. You rename the .vpk into .mp3, and transfer it as music with QCMA to your PSVita. Then go to ux0:music and rename the .mp3 to .vpk and install.
The advantage of using a decrypted game came down to using plugins. Dumped games allow loading plugins from ux0:plugins. The main use was the amphetamine plugin which allows you to select the CPU and GPU clock speed while playing a game and also the RinCheat plugin.
Ok it's definitly drugs
Fortunately, the next release will bring us a step further to the CFW experience on the vita, and it's the release of Taikaku which is a framework that allows devs to create plugins. Known today as TaiHEN. It was now possible to hook and patch on the kernel and user space. Also fun fact, TaiHEN is based on substitute which is a framework used in the iOS jailbreak scene to load tweaks (plugins) on the system. (Additionally, we were now able to open uncompressed FSELF). It was released as beta so we had two options. Either we load HENkaku or taiHENkaku. When it was stable enough it was merged with HENkaku.
What do you mean by more? Can it brew a coffee?
We had a few plugins released shortly afterward like f.lux, and TheFloW updated vitashell to support USB mounting which was awesome at the day. No more renaming vpk to mp3 trick !
And the reason that still let some people on 3.18 was finally removed as TheFloW also releases adrenaline (which is very very similar to TN-V by Total_Noob mmmmmmmh) And we now had a ePSP CFW on 3.60. The installation was kind of not as convenient as today where you just need to install a vpk, back then you had to have a PSP game (You could use the Celeste blue ePSP Bubble installer to have a 3.5MB PSP game you could use for either Adrenaline or ARK) installed on your vita, install the adrenaline plugin in the config.txt with the TITLE ID of the PSP game you have and download manually the 661.PBP and put it inside the adrenaline folder. Well, there was an Adrenaline easy installer app made anyway.
Man this vita is sooo sexy
Credit : Widvern
Having HENkaku was a dream come true, and we thought that we had stagnated after all those releases. Sony patching the HENkaku exploit with 3.61 (webkit) and 3.63/5 (kernel exploit) and no exploit on the horizon we were already aware of how hard it would be to have another HENkaku so we valued 3.60 a lot. But molecule team impressed us again with the announcement of Enso ! We could finally have a permanent CFW with Enso + HENkaku + taiHEN !
Enso Xana edition
It was such a birthday gift for us as it was released on the 29 july 2017, the same day as Henkaku, and I remember that I was waiting all day night then dozed off for like 3 hours and my body woke me up automatically 5 min after enso was released at 3 am. I tested immediately the program but refused to install it as I had a DEX mod on my vita. I reinstalled the 3.60 firmware and could finally profit from enso on the vita !
Alongside the release of Enso we had another dream come true : MicroSD adapter for the PSVita ! Finally, no more me being stuck with my 8GB memory card and having to deal with QCMA every week to change games. First the PSVSD by Yfanlu and then the SD2Vita by xyz. You can find more information in the SD2VITA History article I made below.
Oh you don't say?
Piracy was blooming with vitamin and MaiDump, but TheFloW released a surprise that changed the piracy side of the Vita : Nonpdrm ! No more vpk or game folder with maidump, no more risk of having malware inside ! 100% legit game dump untouched (apart the eboot for the fake license) and still encrypted ! It also fix an issue we had with decrypted game dump : the ability to install updates from liverea ! (granted the update doesn't require a fw higher than 3.60.
Motoharu also provided another way of having a completely legit backup dump with psgamesd which creates a 1:1 dump of the cartridge and allows playing it by creating a virtual cartridge on the vita. This format is considered as the best one if we go into the preservation of the Vita library but it won't meet its success as nonpdrm was more practical.
Motoharu will also release a set of tools on pc like psfpsvtools which allows decrypting any PSF encrypted vita file directly from the PC. No need for vitashell now.
As for better 3D homebrew support, we had an amazing exploit by VitaHex, who graced us with many homebrews like Switch UI which replicate the menu of the switch for the vita (which can be launched at boot directly with enso without seeing the live area). He released zombiebound, a zombie shooter in 3D made in lua and it was the first real 3D homebrew for the PSVita. At the time we lacked a 3D hardware accelerated driver and a shader compiler. So making a 3D homebrew was tough.
On par with Killzone
What about streaming the PSVita screen on the PC? Well, we have Vita2PC by Rinnegatamante which allows streaming the PSVita through wifi, and xerpi teased his USB solution. On the other hand, we had moonlight and PC-Link to stream the PC screen on the PSVita.
The dream of everyone, Nintendo Vita !
2017 is the year where activation is a big issue. Sony did something on 3.60 (intentional or not I don't know since it was reverted in 2019) which prevented users from activating their PSVita. Worse if you connect to the PSN the activation file will get deleted automatically in most cases ! (Fortunately, I had a backup of my activation file so I wasn't screwed but a lot of users were). It might not sound like a big deal for you but back then activation meant a lot. We needed it in order to use adrenaline. No activation = no base PSP game = no adrenaline.
There was a first solution called MLTactivator (don't use it) which replace your account with an activated account on the vita but had a downside. 1 It's not your account anymore 2 You can't go to PSN.
The second solution will be brought by Celeste-Blue with ReStore and ReNpDRM. It was first deemed impossible by Yfanlu without an f00d exploit (f00d is the security processor of the PSVita) but he managed to bring back the activation on 3.60 ! The purpose is simple : it constantly refreshes for activation so even if sony automatically removes the activation it gets back. But how does it get the activation file if we can't activate our PSVita the normal way?
The problem was that the success of the operation was a hit and miss, a lot of users complained that it didn't work, others stated we needed restore v1 with renpdrm v5 in order for it to work. Other had stated that sony automatically removes restore from ur0:tai (I'm sure it's bullshit). So we needed another reliable solution. Remember that promising young dev called TheFloW? He came out and revealed a big shocking news that nobody was ready for (yeah nobody I tell you !) He was actually Total_Noob All along ! (pretend to be shocked).
Top 10 anime vilain reveal
The end of the year saw the release of the 3.67 firmware which fix the KRACK vulnerability on the wifi firmware as well as patching a vulnerability that used in chain with other vulnerabilities allows for persistence.
2018 started with a huge showcase : VitaGL was announced which would open the door to 3D homebrew and ports using OpenGL on the PSVita ! No more gxm learning to develop something in 3D ! At the same time, Vita3K was announced and showcased homebrew using VitaGL running on it. The 3D era of the PSVita has begun ! VitaQuake 2.5 was released and it was the first hardware-accelerated homebrew on the vita using OpenGL. We had vitaXash3D next, a port of Half-Life. The saga continues and we saw more ports using OpenGL on the PSVita increasing its library.
I can now bast some monsters at 544p !
Enso source code was released and TheFloW built the 3.65 enso installer which allows for 3.60 users to go to 3.65 enso ! It was the first time that we could hack another firmware after 2 years and while it does not involve another vulnerability, it was kind of dangerous as it relies on enso to load the hack. It "update" the PSVita while on and patch the bootloader with enso hack then reboot to finally lend on 3.65 enso (so that means 3.61+ users couldn't hack the 3.65 firmware). But if for some reason enso doesn't work or you reinstall the system, then you end up in stock 3.65 with no way of hacking back. TheFloW only included the tai folder containing the hack files inside vs0 so that you can restore the PSVita without losing the hack.
Finally, the power of the 3.65 in my hand
This has left most people questioning themselves if they should do the jump to either profit for more game support with 3.65 as well as activation fixed but with a risk of losing the hack permanently, or staying on 3.60. Fortunately, that question was quickly gone with people backporting 3.65 games and updates to 3.60 with MaiDump and Vitamin.
5 months later, with the release of 3.68, TheFloW confirms that it hasn't patched his vulnerability and decided shortly after, the 1 July, to release h-encore. We finally had another exploit 2 years after HENkaku !
I'm blue dabedi dabeda
The exploit was a more traditional one, a save data exploit from a demo of a dating game called bittersmile. Since it's a demo, we can inject the game through the package manager or with QCMA since it's drm free !
Still many people stayed on 3.60 masterace because 3.65 needed many software and plugins to be updated to work on 3.65.
Another issue with the 3.65 firmware is that Sony patched loading decrypted content from ux0:patch which blocked the modding of games. Fortunately, Dots-TB released repatch which acts as a decrypted patch folder and allows modding games back again.
Uhhh, redpilled much?
People again backported games to 3.60 but the MaiDump and Vpk format were not great to deal with and while nonpdrm was superior, we had no choice but to use them. That is until the #Letmaidie project arrived. Team Faps released FAGdec which allows decrypting user/kernel and games modules generating compatibility packs .ppk used to load 3.68 games on 3.60 using either legit cartridge and digital games or nonpdrm dump.
3.69 was released and patched the h-encore exploits, and xerpi has released his USB streaming plugin while customization reaches a new level with font changing and custom boot splash. The Vita scene is blooming and another breakthrough will be made : Overclocking
I had to google lolicon ugh, I hope FBI won't notice
We can already overclock our PSVita with PSV Shell but it's just changing the base speed to its highest speed. Now we could go further beyond and Lolicon was released and we could overclock the CPU speed to 500Mhz which brings a lot of improvement for some games like Killzone which eliminate any frame drop and also helps with emulators' performances.
More games were added to the PSVita library with the release of Gaymaker which allows porting games made using Game Maker to the PSVita without needing the source code. Day after day, the PSVita capacities were improved and 2018 is a major turn point in PSVita history. Can we go further yet?
2019 is probably the year where the PSVita security was gone forever, in 2012 what was once estimated as the toughest security system made in place for a mobile device is now completely defeated in 2019. F00D is a crypto-security processor which handles most of the PSVita cryptography tasks including storing and handling the most secure keys. The article from Wololo covers well the matter. But it's kind of funny that the key found by the most absurd way by xyz (bruteforcing a AES-128 key, you must be either a genius or an idiot to attempt that) is an amazon product
(For those who didn't understand the joke the key is AAAAAAAAAAAAAAAA, which is as dumb as using 12345 as a password for your account).
With F00D saw the release of reF00D which allows the users to play 3.69 games on 3.60 without needing compatibility packs or people going to 3.69 to decrypt the game. After ref00d Dots-TB will create a team called CBPS (which originally was the initial of Celeste Blue Party Server) and regroup several talented developers. Dots-TB will shortly after disappear from the scene for an unknown reason.
Mmmmhhh My big Juicy BURGOOR
The f00d exploit also allowed downgrading with the release of Modoru, now we can safely go back from 3.68 to a firmware that has enso.
Trinity was released and the latest up-to-date hack for the Vita was what allowed the PSVita to be hacked in the first place : ePSP exploit. This exploit is a real tribute to the PSVita hacking legacy as it was the end goal of early hackers to use ePSP exploit into a native hack and TheFlow managed to do it at last. TheFloW also released h-encore² which improves the reliability of the exploit for 3.63/8
F00D control also allows to remove the blacklist made by sony and thus allowing us to bring back the PSM for dev and Unity for Dev apps used back then in rejuvenate ! This means that unity homebrew was possible on the PSVita !
Let's enter into the PSVita matrix !
Following the wave of popularity that the PSVita is going through, a homebrew contest and an indieGoGo campaign have been done. The first one is called VitaGameJam. It's a Game contest made for the vita by an unknown person from Twitter who appeared from nowhere. The organization was very very sketchy with a Twitter poll voting system and a 500$ price for the winner. After some investigation, it turned out that the whole thing was a scam as the author of the contest was disappointed by the entries and decided to submit his own project and make it win to save his money. The whole explanation about that scam can be found here.
This contest doesn't exist in my book
The second scam is the VitaDock. The original goal was to provide the community with a device that acts as a dock which like the Nintendo Switch will stream the PSVita screen to the TV and thus act like a PSTV if used with a ds4 plugin. The campaign collected around 17,700$ in total.
So much for a wood dock containing a rasberry pi...
xCorra was working on the project while sending some showcases about his progression. He also acted as a helper alongside me in the Henkaku discord and began to earn people's trust increasing his indieGoGo funding. While he came close to me and shared some of his "private life" information like how his wife was in the hospital and it was kind of hard for him lately. He vanished shortly after from the internet and was nowhere to be found until later when xSis reddit account apologized about the vitadock and claimed it will refund the people who invested on it (Spoiler : no). I first thought that it was because of depression and the situation with his wife but he came back later in 2021 under NicktheFix alias but he was busted quickly after lot of "coincidences" such as upload location being from Croatia, befriending again with me, and act as a helper again, doing apps with Lua and have a grudge against SKGleba which wasn't justified (SKG who was one of the people who roasted xCorra for his scam). He flew again after admitting he was 20 (and telling from his fingers it was obvious that he was a young guy) so the excuse of his wife at the hospital was a complete lie and he planned at the early stages of vitadock to scam people. Crash Cortez who worked on the software side of vitadock and didn't get his pay decided to release the software that was supposed to come with the vitadock so that everyone can create their own vitadock wth a rasberry pi. This is the only thing that remains from the vitadock.
VitaNuova bounty system is set in place and many bounties come up from it. This will motivate developers to do requests and from it, we saw the release of sharpscale which improve significantly the PSTV experience. Retroarch performance will also see a big improvement with frangarcj working on GPU acceleration support.
With Covid happening, 2020 saw a spike in activity. Since devs had now more free time on their hands, a lot of progress has been made.
TheFloW release a plugin that reminds us a lot of the PSP days, Déjavu a save state plugin ! You can now save the game state of your choice and get back at it later. On the other hand, SKGleba released psp2hfw which allows the creation of hybrid firmware (the same concept as what we have on the PS3) so that we can mod the firmware the way we want. A simple example is using 3.65 bootloader on 3.67 which allows for 3.67 enso ! Further progress will be made with modding the system with the constant updates of EnsoEX allowing for further customization as well as total control of the system for the end user. (We can now recover software bricks, I did the experience and I saved my vita once from its death !...... Until it died again a year later because fwtool didn't have time to install enso ex when it crashed... But it's all good since it's thanks to doing experiments that I get to know the PSVita more and more and can help people with their issues 99% of the time)
What about the emulation side ? Well we finally have our N64 emulator on the PSVita, a 2016 wish comes true, and no more daedalusx on adrenaline to play Super Mario 64 without sound at 25 fps. We also have a PoC Dreamcast emulator !
Mario kart on the vita, finally
2020 is also the year where multiple decompilations saw the day on the internet, Sonic CD and GTA III/VC saw their decompiled source code released and thanks to VitaGL reaching new grounds in terms of OpenGL implementation, porting GTA games was possible on the PSVita and it was quite the feat. I also got the chance to be involved in the development and wrote my first ever piece of code for the vita with the back-culling blacklist for GTA III. Watching the discussion between the members of re3 and Rinnegatamante/TheFloW allowed me to understand better the behind-the-scenes of porting a game as well as the challenges involved. It was also one of the reasons why my vita troubleshooting guide saw a rise in activity as I was doing tutorials for the ports (installation, libshacccg etc) for Rinnegatamante and TheFloW.
I will never touch grass again
On the other hand, the CBPS team has made some great releases such as an updated udcd_uvc plugin which allows for 720p output, patching games to render at 720p and 1080p as well as some homebrew games. Another SDK called DolceSDK and finally the use of the mystery port on the 1000 vita as a Mass storage input. You can find more about their releases here.
CBPS also found a way to use the shader compiler from the PSM runtime. Previously we had a leaked shader compiler from the Sony SDK which devs didn't want to use. Now, what was one of the biggest piece missing to 3D ports and game development is now in place. PIB which is a GLES 2.0 library around Piglet/ShaccCg was now an alternative to VitaGL.
The PSVita alongside the Nintendo Switch were the two consoles whose hacking community was as alive as ever and it was very exciting to be a PSVita user back then. Unfortunately, while the PSVita community was small but enjoyable, some drama still happened and we had some tension going on around CBPS vs Rinnegatamante and DolceSDK vs VitaSDK for "license poisoning" which makes it unable to backport changes from DolceSDK to VitaSDK. The opposite isn't true.
After such promising developments of 2020, we were probably at the highest point of the PSVita hacking history. Everything was possible, the PSVita was the last active community alongside the Switch and made headlines around multiple news websites with the GTA games being ported.
But after having GTA III/VC, we were only missing San Andreas to complete the trilogy. TheFloW driven by his desire to play his childhood game on his PSVita decided to try to port an Android game on PSVita. And while being semi-drunk, he created in a night a .so loader for the PSVita which allows us to boot Android games and apps. What was a joke once became a reality. We could now play Android games on a PSVita. Classic games such as GTA CW/SA, Bully, Max Payne, battlefield 2, and crazy taxi got ported.
Yeah homie we're back in grove street !
The recent events made me think about doing a PSVita homebrew contest, the development tools were improved beyond comparison with what we had during GekiHEN. And with everyone having their eyes on the PSVita it was the best moment to launch one. There was also the fact that I was kind of tired of being just a known helper and Custom Protocol moderator for 5 years and I wanted to do something more concrete for the community. While I was already busy with prepa school intensive schedule I decided to do the ambitious project of creating KyuHEN.
Most beautiful PSVita Artwork ever made
As it was my dream to make a Homebrew Contest I wanted it to be some kind of "ultimate homebrew contest" and aimed to be really successful so I tried to bring the 4 Hacking forums that did GekiHEN to work with me on KyuHEN and have their support. Frangarcj also helped me and 2Old4Gaming who launched a first idea of a homebrew contest was on the train. It was important to have a lineup of trusted members as the trust was kind of broken with the VitaDock scam and the VitaJam2019 scam. It was also the first time I was doing something at that scale, and while I had little to no time with the prepa school and the contest organization, the difficulties that came because of my ambitions, KyuHEN was a success and a lot of promising software were developed. You can read more about the "behind the scene" here and go to the website here.
So much things came out from KyuHEN. Thumbnail from Wololo
CBPS, on the other hand, released PVR_PSP2 which is a GPU driver for the PSVita based on the leaked source of the original PSVita GPU driver which brings a lot of improvement as well as GLES V1.1 and 2 support. It replaces PIB. Another departure after a controversy (although less tear worthy) involves TheHeroGac, creator of Autoplugin 1 (responsible for 70% of the help posts and questions we find on Reddit and Discord) released a dualsense driver for the PSVita without actually owning a dualsense. This miracle was actually possible by stealing a newcomer PR of ds34vita which added dual sense support and releasing as his own piece of work. After being called out by me and many devs from the scene, he admitted to stealing the plugin and left the scene.
Since 2016 each year surpassed the other one in terms of progress. There isn't a time when the community was staling and instead years through years the PSVita community had a whole new face compared to what it was before. Back then when we thought that the PSVita hacking community would get nowhere we never thought that it would be as amazing as it gets today. Sony may have abandoned the PSVita but the community never let it down and gave it a second life.