OK I GOT A BETTER WAY TO VIEW THIS My Theory: the firmware.bin aka the module, runs with luma when the option of enabling it is on. thus making the main CTRNand useless and the module in action. that means the CTRNand got a file which triggers the error 022. in my opinion the secureinfo and the certs file is the one responsible for this. chaning the sercureinfo alone wouldn't do anything which makes the error 022 still happen since the console ID is also registered in the certs. the module would have a custom console ID and certs. although the Ctrnand will still be banned, the module will run instead of the ctrnand which bypasses the error sinces they think its your actual consoleID which ''have nothing'' to do with the leaks. @Nanquitas 's fork was implied in this module.