Together with their 60th game dump for the Switch, the well-known Scene group BigBlueBox released the Nintendo Switch Master Key for firmwares 1.0.0 to 2.3.0 inside their NFO for the Japanese version of Dragon Quest Heroes I & II.
Since quite some confusion has come up with the release of this “Master Key”, developer SciresM has stepped up on GBATemp to explain how this Master Key works and what it allows you to do:
In the interest of misinformation not spreading everywhere:
There are three keys of interest, for a given firmware. The Master Key, the Device Key (console unique), and the Package1 Key.
The Package1 Key is used to decrypt TrustZone.
All console unique keydata is derived from the Device Key.
All non-console unique keydata is derived from the Master Key (and constants in TrustZone/sysmodules/NAND).
The “Stage 2 bootloader” key that leaked a while ago was the 1.0-2.3 Package1 key.
Knowledge of a master key doesn’t allow you to do anything more in terms of gaining privilege on hardware, but it does allow you to derive all non-console unique keydata that the Switch can derive for that firmware.
In more basic terms: having a master key for a firmware lets you decrypt anything a Switch on that firmware could decrypt, on your PC.
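The key hierarchy in the quote above can be modelled to show how far a leaked shared root reaches. This is an added example, not code from SciresM or from the console: HMAC-SHA256 stands in for the real derivation (which the post does not describe), the label names and the `gen0`/`gen1` generation names are hypothetical, and all keys are random constructed values.

```python
import hashlib
import hmac
import os

def derive(parent: bytes, label: bytes) -> bytes:
    """Derive a child key from a parent key and a public constant (HMAC-SHA256 stand-in)."""
    return hmac.new(parent, label, hashlib.sha256).digest()

# Public constants, standing in for "constants in TrustZone/sysmodules/NAND".
SHARED_LABELS = [b"content-key", b"save-header-key"]  # hypothetical names
UNIQUE_LABELS = [b"console-storage-key"]              # hypothetical name

class Console:
    def __init__(self, master_keys: dict, device_key: bytes):
        self.master_keys = master_keys  # firmware generation -> shared master key
        self.device_key = device_key    # unique to this console

    def keyset(self, generation: str) -> dict:
        """All keys this console derives when running the given firmware generation."""
        keys = {l: derive(self.master_keys[generation], l) for l in SHARED_LABELS}
        keys.update({l: derive(self.device_key, l) for l in UNIQUE_LABELS})
        return keys

def offline_recoverable(leaked_master: bytes, target: Console, generation: str) -> set:
    """Labels of keys on `target` that someone holding only the leaked master key
    can recompute on a PC, with no access to the console itself."""
    wanted = target.keyset(generation)
    return {l for l in SHARED_LABELS + UNIQUE_LABELS
            if hmac.compare_digest(derive(leaked_master, l), wanted[l])}

# Constructed sample keys (random, not real key material).
MASTER = {"gen0": os.urandom(16), "gen1": os.urandom(16)}
console_a = Console(MASTER, os.urandom(16))
console_b = Console(MASTER, os.urandom(16))

if __name__ == "__main__":
    # Leak of the gen0 master key, evaluated against a console the leaker never touched.
    for gen in MASTER:
        print(gen, sorted(offline_recoverable(MASTER["gen0"], console_b, gen)))
```

The leak exposes every shared key of its own firmware generation on every console, while keys rooted in the Device Key and keys of a later generation stay out of reach.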
Seeing as this Master Key allows decrypting everything a Switch on firmware 1.0.0 to 2.3.0 can decrypt, I bet that this will be pretty helpful to Yuzu, the Nintendo Switch emulator.
I wonder if we will see the 3.0.0 Master Key anytime in the future (maybe when HomebrewLauncher gets released) and what will come out of the now freely available Masterkey 0 of the Nintendo Switch.