This release cycle brings security and build improvements, SDK and MbedTLS upgrades, new admin and ESP32 capabilities, and multiple reliability fixes across Pico Fido and pico-keys-sdk.
This update includes platform improvements, security-related refactors, SDK upgrades, and a set of reliability fixes that remove sharp edges we found in day-to-day use.
What’s new
We added Vendor Admin PIN support and extended hardware support in the ESP32 family, including HIGH/LOW LED control improvements and ESP32-S2 related updates through the SDK path.
On the SDK side, we also introduced support pieces such as BULK command capabilities (to reduce bandwidth overhead in specific flows) and OpenSSL backend compatibility.
What got better
A major part of this cycle was maintenance and hardening:
- Upgrade to Pico Keys SDK 8.6
- Upgrade to MbedTLS 3.6.6
- Stricter build checks
- Cleaner include handling (including submodules treated as system includes where appropriate)
These are not flashy changes, but they matter. They improve portability, reduce noisy build behavior, and help prevent subtle regressions.
What changed internally
Some internal systems were intentionally reshaped:
- Migration to device key encryption v2
- Removal of the unused MKEK system
We also carried forward security plumbing changes from pico-keys-sdk, including anti-rollback and encryption utility evolution.
Bug fixes worth calling out
This cycle closes multiple issues across core behavior and build stability:
- Secure boot enable flow fixes
- Curve25519 translation fix
- OATH rename edge-case fix
- Rare race condition fix
- CYW43 LED build fixes
- Includes/build declaration fixes
- MLKEM build fixes
- Additional secure messaging sanity checks and MAC-length validation (SDK side)
Why this release matters
This is a “quality release” more than a feature release.
If you rely on Pico Fido in mixed environments (different boards, toolchains, and transport combinations), this set of changes should make your life easier: fewer surprises, cleaner builds, and better operational stability.