Raspberry Pi Relaxes the Rules for Its RP2350 Hacking Challenge, $20,000 Still Up for Grabs

Memory address randomization removed from the requirements, while the deadline has been extended to April 30th.

Gareth Halfacree

Raspberry Pi has announced that it is loosening the rules for its second RP2350 Hacking Challenge, in which researchers are invited to attempt to break particular aspects of the security built into the company's second-generation in-house microcontroller — removing the need to keep memory address randomization enabled.

"At the end of July 2025 — so almost 6 months ago — we launched the second RP2350 Hacking Challenge, searching for practical side-channel attacks on the power-hardened AES [Advanced Encryption Standard] implementation underpinning RP2350's secure boot," explains Raspberry Pi's Thomas Roth. "So far, we don’t have a winner, so we decided to evolve the challenge by removing one of the core defense-in-depth features: the randomization of memory accesses. If you manage to demonstrate a successful attack on our AES implementation without the randomization, you win!"

The Raspberry Pi RP2350 microcontroller, which features the unusual ability to enable any two-core combination from two Arm Cortex-M33 cores and two free and open Hazard3 RISC-V cores, launched back in August 2024 as a successor to the popular RP2040. In addition to more powerful processor cores, more memory, and other improvements, the chip also offered improved security functionality — something the company was so confident in that it launched a $10,000 bug-bounty competition, later increased to $20,000. Naturally, flaws were found and winners rewarded before Raspberry Pi announced a second security contest to see if its improvements withstood scrutiny.

It's this which has now been extended, following a lack of successful entrants, with a new rule designed to focus specifically on the built-in AES implementation. "Our AES implementation was designed to withstand side-channel attacks by using multi-way secret sharing (where sensitive values are split into random components that must be XORed together) and by randomly permuting the order of operations and data," Roth explains. "We hope that even just the multi-way shares are enough to protect us against side-channel attacks."
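The two countermeasures Roth describes, XOR secret sharing and randomly permuted operation order, can be sketched for a single linear AES step. This is an added example, not Raspberry Pi's implementation: the function names, the four-share count and the use of `rand()` in place of a hardware random number generator are assumptions, and only AddRoundKey is covered, since the nonlinear S-box needs a dedicated masked construction.

```c
#include <stdint.h>
#include <stdlib.h>

#define N_SHARES 4 /* assumption: share count picked for illustration */
#define BLOCK 16   /* AES state size in bytes */

/* Stand-in randomness; real firmware would use a hardware RNG. */
static uint8_t rnd8(void) { return (uint8_t)(rand() & 0xff); }

/* Split a secret byte into N_SHARES random bytes whose XOR equals it. */
void split_byte(uint8_t secret, uint8_t out[N_SHARES]) {
    out[N_SHARES - 1] = secret;
    for (int i = 0; i < N_SHARES - 1; i++)
        out[N_SHARES - 1] ^= (out[i] = rnd8());
}

/* Recombine shares; masked code does this only for the final output. */
uint8_t join_byte(const uint8_t in[N_SHARES]) {
    uint8_t v = 0;
    for (int i = 0; i < N_SHARES; i++) v ^= in[i];
    return v;
}

/* AddRoundKey on shares: XOR is linear, so each state share is XORed with the
 * matching key share and the unmasked byte never appears. Bytes are visited
 * in a fresh random order (Fisher-Yates shuffle) on every call. */
void masked_add_round_key(uint8_t st[BLOCK][N_SHARES],
                          uint8_t key[BLOCK][N_SHARES]) {
    uint8_t order[BLOCK];
    for (int i = 0; i < BLOCK; i++) order[i] = (uint8_t)i;
    for (int i = BLOCK - 1; i > 0; i--) {
        int j = rand() % (i + 1);
        uint8_t t = order[i]; order[i] = order[j]; order[j] = t;
    }
    for (int k = 0; k < BLOCK; k++)
        for (int s = 0; s < N_SHARES; s++)
            st[order[k]][s] ^= key[order[k]][s];
}

/* Self-check on constructed data: masked result must equal the plain XOR. */
int masked_matches_plain(unsigned seed) {
    uint8_t st[BLOCK][N_SHARES], key[BLOCK][N_SHARES];
    srand(seed);
    for (int b = 0; b < BLOCK; b++) {
        split_byte((uint8_t)(b * 17), st[b]);    /* constructed state byte */
        split_byte((uint8_t)(0xA5 ^ b), key[b]); /* constructed key byte */
    }
    masked_add_round_key(st, key);
    for (int b = 0; b < BLOCK; b++)
        if (join_byte(st[b]) != (uint8_t)((b * 17) ^ 0xA5 ^ b)) return 0;
    return 1;
}
```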

As a result, the requirement that successful attacks only count as valid entries if they keep the chip's separate memory address randomization feature enabled has been removed. Entries will now be considered for the $20,000 prize even when that feature is disabled. The deadline is also being extended, with entrants now having until April 30, 2026. "Getting close but don’t have a successful attack yet? Write to us," Roth says. "We care more about protecting our implementation than about having a full end-to-end attack. If you've identified a leak, we want to talk to you!"

More information is available in the RP2350 Hacking Challenge 2 GitHub repository.

Gareth Halfacree
Freelance journalist, technical author, hacker, tinkerer, erstwhile sysadmin. For hire: freelance@halfacree.co.uk.