![](/static/253f0d9b/assets/icons/icon-96x96.png)
![](https://fry.gs/pictrs/image/c6832070-8625-4688-b9e5-5d519541e092.png)
I don’t think that’s the case, because otherwise how did they leak this key that the backend uses, that presumably stayed in the backend, by reverse-engineering the rabbit android application?
I think the devices all just have hardcoded keys to the APIs themselves.
Mood