Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Dear all,
I am writing because I am trying to understand the Proxmark3 schematic (or, more precisely, the RF frontend).
I have a strong engineering background. I got quite a bit of experience with PCB design, hardware and embedded software development and FPGAs. When it comes to analog RF design, I am still a beginner, though. From studying the Proxmark3 schematic and software available on Github, I believe to have found out the following details. I would be glad if you could correct me, if I'm wrong.
1. The LOxxx/HIxxx RX paths are used for 125 MHz/13.56 MHz systems.
2. The xxRAW/zzPKD RX paths are used to sample the raw RF signal/the output of an envelope detector.
3. The analog TX path is only used when the Proxmark3 operates as PCD (i.e. a reader) and not when it is used as PICC (i.e. as tag).
Could you provide feedback for the following points, that I still do not understand?
4. Why are there so many coil drivers?
5. Why are they driven by the FPGA whose output is a square wave with lots of high-frequency components?
6. Is XT1 the crystal responsible for generating the reference clock for the RF signal?
7. When operating as PICC, the Proxmark3 must modulate the antenna load to transfer data back to a PCD. Where in the schematic can I find the load modulation circuit?
8. What are the CROSS_LO and CROSS_HI inputs to the FPGA used for?
In general, what are the main reasons for including an FPGA and a dedicated ADC chip in the design? Using newer hardware, do you think it would be possible the achieve the similar functionality using an ARM-enabled SOC with some analog peripherals (ADC, OpAmps, Comparators)? Higher sampling frequency of the ADC? True parallel processing via the FPGA?
Thanks for open-sourcing this great piece of hardware.
Also, thanks in advance for your help!
Best, badelvis
Offline
I read system.txt now. It carries a notice that it is outdated, however.
Regarding my questions, I can answer some of the myself.
4: To achieve different output levels (i.e. modulate the amplitude) by driving only some of them.
5: The fact that this produces high-freq. components is accepted.
6: ?
7: ?
8: They are used to recover the RF clock/phase.
Best, badelvis
Offline