Are all the old ESP32 versions with the outdated secure boot discontinued?

[JosuGZ]

Hi, I'm seeing that the old versions of the ESP32, the ones vulnerable to fault injection, are not recommended for new designs. Should I worry and update my process? As far as I know, the same firmware should work, but new tooling is needed to enable Secure Boot and generate the keys, etc, which would be problematic should I need units for some projects. I would also need a new bootloader which may or may not fit on my partition layout.

[ESP_Sprite]

You could still use the old SecureBoot; the V3 still supports that and we fixed the issues that made the process glitchable in earlier versions. SecureBoot V2 is a bit more secure (as it uses public/private keypairs for signing the bootloader, meaning it's physically impossible to get the signing key in whatever way from a chip) but if V1 satisfies your requirements, there's nothing to stop you using that instead.

[JosuGZ]

Ok, thanks!

Then I have two questions:

1- There is an old project where I was burning the secure boot and flash encryption keys using the tools provided by IDF 3.2, will that still work? I was doing that since it had no OTA so I needed to be able to reflash the whole firmware already encrypted if I wanted to upgrade.

-2 Having Secure Boot V1 with the new chips fixes the voltage glitching problem, correct?

[ESP_Sprite]

1. I think so. The ESP ECO fuses should be compatible.
2. Yes.

[JosuGZ]

Thanks! It seems to work.

Is this bit needed though?: ABS_DONE_1