Hacking READ FIRST freeShop, CIAngel, and other CDN reliant services will no longer work with many games

Not open for further replies.


On July 30th, Nintendo sent out the 11.8 3DS software update. The update, while seemingly standard at first glance, actually managed to break support for Luma3DS, CakesFW, ReiSix, and other popular 3DS CFWs (though fixes were issued within the same day). This wasn't the only change made, as Nintendo also changed the way that the 3DS detects pirated copies of games, as well as how certain programs like freeShop, CIAngel, 3DSvillain, WiiU USB Helper, and others handle downloading titles. Now, a much more stringent method is in place, requiring a "check" of sorts when you try to download a game with it.

A more detailed explanation of why this occurs is transcribed below:

The change that's being discussed is a change in the NIM module on the 3DS. NIM is the service which is responsible for downloading applications through the Nintendo CDN; it's the service which is used by the eShop to download and install games. Before 11.8, NIM only sent the titlekey to the CDN in order to verify that the download was allowed. Think of titlekeys as a sort of password for the CDN - if you had the right titlekey, you could always download the game. This is also why you could download games on a computer - there was no console specific information sent and thus the CDN didn't check what was downloading. As long as you sent the titlekey, the CDN sent the game.

Before we talk about the change, let's make sure we all understand what a ticket is. A ticket is a piece of data that's stored on your 3DS that is used by the 3DS OS to determine which games you own. The ticket consists of three main parts - the signature data, console specific data, and the titlekey. The entire ticket is signed by Nintendo, so it's impossible to replicate these tickets. If they're changed, or if someone tries to make their own ticket, the changed/new ticket will have an invalid signature. This means the ticket is what we call an invalid ticket. Before 11.8, only the 3DS console checked the signature of the ticket. This is why you need CFW to install CIAs - the ticket's signature is invalid, and the CFW patches out the signature check the 3DS would otherwise do. Up until 11.8, this solution worked fine, as there were no server side checks of the ticket.

This changed in 11.8, as NIM was updated to send two new headers whenever a download request is made to the Nintendo CDN. These two new headers are X-authentication-key and X-authentication-data. X-authentication-data is the ticket installed on the console (encrypted), and X-authentication-key is the AES key used to encrypt the X-authentication-data field. The CDN then decrypts the data field and checks the signature of the ticket. Since the ticket was made by freeShop rather than by Nintendo, it fails the signature check and the CDN refuses to send the file. A brave member on the Nintendo Homebrew discord installed one of these invalid tickets and attempted to download from the eShop, which would've worked fine on 11.7, and confirmed that it broke on 11.8 and that Nintendo was now verifying tickets.
Credit to @astronautlevel

At the time of this thread some games are still available to download, though Nintendo-developed or published games are beginning to result in a 403 Forbidden error. This is only for the Nintendo 3DS, currently, while Wii U games are unaffected.

For issues regarding the DNS on the titlekey sites, this can be resolved by editing your C:\Windows\System32\drivers\etc hosts file in Notepad to have " titlekeysitehere" and saving it.

Linking to the titlekey sites is still against the rules.
Linking to sites hosting .CIAs or asking where to find .CIA files is still against the rules.

:arrow: Discussion Thread
:arrow: If you have simple questions, you can ask them here
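
The difference between the titlekey-only check and the server-side ticket check described in the post, as an added example that is not part of the original post and not Nintendo's code. The ticket layout, the toy RSA key and every function name are constructed assumptions, and the AES layer of the X-authentication headers is left out.

```python
import hashlib

# Constructed toy RSA key (two Mersenne primes); far too small for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent, never on a client


def _digest(console_data: bytes, titlekey: bytes) -> int:
    # Length-prefix the first field so the signed bytes are unambiguous.
    body = len(console_data).to_bytes(2, "big") + console_data + titlekey
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % N


def issue_ticket(console_data: bytes, titlekey: bytes) -> dict:
    """Issuer side: sign the console data and the titlekey together."""
    sig = pow(_digest(console_data, titlekey), D, N)
    return {"console_data": console_data, "titlekey": titlekey, "signature": sig}


def signature_valid(ticket: dict) -> bool:
    """Public-key check; needs only N and E."""
    expected = _digest(ticket["console_data"], ticket["titlekey"])
    return pow(ticket["signature"], E, N) == expected


def cdn_titlekey_only(ticket: dict, catalog_titlekey: bytes) -> int:
    """Earlier behaviour: the titlekey alone acts as a password."""
    return 200 if ticket["titlekey"] == catalog_titlekey else 403


def cdn_verify_ticket(ticket: dict, catalog_titlekey: bytes) -> int:
    """Later behaviour: the server checks the ticket signature itself."""
    if not signature_valid(ticket):
        return 403
    return cdn_titlekey_only(ticket, catalog_titlekey)


# Constructed sample values.
TITLEKEY = bytes(range(16))
GENUINE = issue_ticket(b"console-A", TITLEKEY)
# Carries the right titlekey but was never signed by the issuer.
UNSIGNED = {"console_data": b"console-B", "titlekey": TITLEKEY, "signature": 0}
# Genuine ticket whose console data was changed after signing.
ALTERED = dict(GENUINE, console_data=b"console-B")
```

A signature check that runs only on the client can be bypassed by whoever controls the client, while the same check on the server is outside the client's control, which is why the 403 responses appeared only after the CDN began verifying tickets.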