I was looking at a ME7.4.5 to try to understand the EXACT meaning of the entry F8 02 specifically the 2.  This data page loaded from eeprom and stored at 0xF2A3A. (Page2)

F8 02 <4 byte pincode> <4 byte pincode inverted> ImmoSetting1 <Setting1 Inverted> ImmoSetting2 <Setting2 Inverted>

Pincode is loaded into memory at F0926 & F0928.
50% of pincode is mangled into F0992 & F0994  for a 'secure' validation with BSI (I assume)

Default for this eeprom page is stored at C0020 ( F8 02 11 11 11 11 EE EE EE EE FF 00 00 FF)

The code fixes anything broken in this page (I think a blank eeprom will work fine), setting the pincode to 1111 and Setting1=1 and Setting2=4


i was initially hunting to understand why someone set this F802 to F801 in a modified dump rather than just trusting it would work. as I've seen people post many variations to achieve the same thing.

Anyway I have failed, I still can't find what is using the <F802> .
Anyone able to put me out of my misery by confirming it's unused, or point me at the address in the code it's used.

This is only to fix my OCD, I don't have any real practical reason to know what this byte does now I've read most of the Immo code.

Flash dump I was looking at below.

IDA settings load ROM at 0x20000 offset 0x10000 into the file.
Also load 0x8000 into 0xf0030 as IROM copies and executes in ram stuff.

https://www.digital-kaos.co.uk/forums/showthread.php/316661-c4-ME7-4-5-ST10-AND-95320-for-virgin