The State of Things


If you're confused about anything here, or need additional help, see the Nintendo Homebrew discord.

What's Homebrew?

At this point, the only accessible homebrew on Switch is actually via CFW (custom firmware). CFW allows total system access, including, for example, installing and using unsigned packages and payloads. Homebrew (aka userland-only access), on the other hand, is weaker and usually only useful for things like save editing and has much less system access.

Currently, there is no widely supported software-based exploit for the Switch on any firmware version above 3.0.0. Software-based userland-only access is in progress, but not finished yet. Notably, there is a hardware exploit that can get CFW. However, only a Switch unit produced during or before July 2018 is likely to be able to access it. You can check your serial number to see if you're vulnerable to the exploit. For a how-to on that and the rest of the process, see the Nintendo Homebrew server's Switch guide.

What's a hardware exploit?

It's some kind of flaw or bug in the hardware that can be taken advantage of. The exploit you are taking advantage of is a bug in the Switch's NVIDIA Tegra processor (yes, you read that right). The Nintendo Switch has a hidden boot mode called RCM (Recovery Mode). This allows Nintendo to repair the device's software without having to take it apart. It's usually entered by using a physical piece of hardware called a "jig", which is a small piece of plastic with wire in it, but there are other methods (which won't be discussed here).

There's also Maintenance Mode, which would be more often accessed by end-users. RCM and Maintenance Mode are different. See the Switch Guide linked above for more information about what RCM is and how to get into it.

Normally, only Nintendo can use RCM to do anything. However, this recovery mode has a bug in it which allows us to run our own code (called a "payload", which is a fancy term for a data package) and thus boot CFW (custom firmware), recovery tools, or even other operating systems like Linux. The most common payload users run is Hekate.

What's Hekate?

Hekate is a bootloader that can load other payloads. Hekate runs before any of the other Switch firmware, so can do things like manage your Switch's NAND (internal system drive) and make backups from and restores to it, access your secret console keys (necessary for further use and console restoration) and force the Switch to load its own native firmware with the desired additions. These additions are usually a CFW, which for most purposes should be Atmosphere.

What's Atmosphere?

Atmosphere is currently, arguably, the most in development CFW for the Switch. There are others, notably ReiNX and SX OS, however Atmosphere is usually recommended. The reasons for this are violently debated across the Switch scene. Lots of users prefer SX OS because it's easier and supports piracy out-of-the-box, but SX steals most of their code from Atmos, and then makes you pay for it (Atmos is free, so this is a crappy practice). Others prefer ReiNX for similar reasons, mostly including piracy, but it copies Atmos code and claims it doesn't, and then takes six weeks to directly copy Atmos' latest patches and fixes (additionally, see this and this).

Regardless, Atmos does support the addition of sigpatches, which is what enables installing unsigned packages to the home menu (and piracy), but requires additional configuration to make it work. So, in essence, there's no real reason to use anything but Atmos. Also, Atmos is working on an emuNAND solution, which will make CFW much, much safer.

Safer? It's unsafe now?

At this point, we speculate that "homebrew-only" is safe. This means loading into CFW, and then using the Homebrew Menu and its related applications to do things like manage saves and other such low-level things. Some users have had success with loading CFW, using homebrew functions, then loading back into regular firmware without NAND operations without getting banned. YOUR EXPERIENCE MAY VARY. Things are very unsure at this point. Other users have claimed that they have played online with game mods and such enabled without a ban. THIS IS ALSO RISKY.

The problem with CFW is that the Switch has an awful lot of telemetry and logging, which it sends back to Nintendo, and Nintendo seems to have implemented an awful lot of systems set up to ban hacked consoles. While in CFW, you should use airplane mode/90DNS to redirect the sending of these logs, but that's not a guaranteed solution, as the console may store some logs and send them the next time it is able. Atmosphere has gone to efforts to redirect and disable the logging modules, but nobody is quite sure if that's effective, and we don't know how much gets through as we have no way to monitor it.

If you want to stay totally safe, the only option is to make a backup of your original NAND through Hekate before launching CFW, then restore that clean backup once you're done. However, you will need an SD card of at least 32gb formatted in exFAT to restore the clean NAND, as the NAND is 32gb and must be restored in a single part (fat32 is recommended for regular usage, and a NAND can be dumped into several parts on fat32). This will also revert your console to the way it was at the time the backup was created.

What's happening next?

Community developers are working on making an emuNAND, which will allow you to have a "second Switch" inside your Switch that you can use for CFW purposes, and keep your actual Switch clean. This should mean that you can use all CFW features without getting banned. Userland-only exploits may be found or developed in the future. These will possibly work on most firmware versions. In the nearish future, a non-hardware exploit called Déjà Vu will be released that will allow CFW on firmwares 1.0 - 4.1, and userland-only access on 1.0 - 6.0.1.