u/Apprehensive-Oil3856

We’ve been working on the Sub-GHz antenna system for High Boy, and one of the hardest parts has been dealing with a very simple requirement that gets messy fast in practice:

We want one physical antenna to cover 315, 433, 868 and 915 MHz.

That sounds nice on paper, but in a compact device it’s a real challenge.

Those bands are far enough apart that a single small antenna will not naturally behave well across all of them without some help. And once you start shrinking everything into a handheld device, every little detail matters.

The antenna shape matters.
The surrounding copper matters.
The ground plane matters.
Even what sits under an inductor starts becoming part of the problem.

Our current approach is active tuning.

We’re using an RF SP4T switch, controlled by 2 GPIOs, to select between 4 different impedance matching states depending on the band we want to optimize for.

One of those states is an open circuit, with no component to ground, and that one is being used for the lowest band.

The topology currently uses 3 fixed shunt components in the main RF path, plus 4 switchable paths depending on which band we want to optimize for.

We also added ground plane openings under the inductors to reduce parasitic capacitance. It’s one of those details that sounds small until you remember that in RF, the PCB stops being just a place to mount components and starts becoming part of the circuit itself.

What’s been interesting here is that this is one of those problems where every solution comes with a trade-off:

Multiple antennas would take more space.
A broader passive compromise would be simpler, but weaker.
Active tuning gives us more control, but adds switching logic, layout complexity, and more things to validate.

Still validating the design, but this has been a fun RF problem so far.

Has anyone here worked on a compact multi-band Sub-GHz antenna system before? Curious how you approached the matching/tuning trade-offs.

https://preview.redd.it/7jwb9scm3s0h1.png?width=2048&format=png&auto=webp&s=3bfa72554d62984146c5cc84da5614c6ee6e4b90

We’ve been working on the NFC/RFID antenna layout for High Boy, and one of the early assumptions was pretty straightforward:

Put the NFC coil on the outside. Put the RFID coil on the inside.

That’s the layout you see in a lot of compact devices, and honestly, it felt like the “safe” choice. But once we started looking at our chassis, we realized we had a bit more usable space than expected. So one of our founders suggested flipping the topology, putting the RFID coil outside and NFC coil inside.

Our antenna engineer was skeptical at first. NFC is usually very sensitive to coil geometry, surface area, nearby metal, battery position, spacing, ferrite, all of that annoying but very real stuff. So changing the layout wasn’t something we wanted to do casually.

But after checking the available mechanical space, the inverted layout gave the NFC coil more usable surface area. That means better magnetic coupling potential and, in practice, a better path toward improving read range.

The funny part is that this wasn’t only good for NFC, we also ended up improving the situation around the Sub-GHz antenna path. Not the original goal, but definitely a nice side effect.

That’s the layout you see in a lot of compact devices, and honestly, it felt like the “safe” choice. But once we started looking at our chassis, we realized we had a bit more usable space than expected. So our antenna engineer suggested flipping the topology, putting the RFID coil outside and NFC coil inside.

We were a bit skeptical at first. NFC is usually very sensitive to coil geometry, surface area, nearby metal, battery position, spacing, ferrite, all of that annoying but very real stuff. So changing the layout wasn’t something we wanted to do casually.

Would you stick with the conventional NFC-outside/RFID-inside topology, or would you also optimize around the actual chassis volume available?

https://preview.redd.it/581rg140llzg1.png?width=2048&format=png&auto=webp&s=acd9b77e2cfe1f75e4a1080d376bc9f40e508c4d

https://preview.redd.it/5o6a9djallzg1.png?width=844&format=png&auto=webp&s=11f5d84aff82db1dad641d136defe70ebbec9af1

Maybe you guys have seen the headlines over the past few weeks about a brazilian researcher that discovered a counterfeit Ledger with ESP32 implant, this researcher was Vini (co‑founder of our High Boy), he bought a Ledger Nano S Plus from a Chinese marketplace, with packaging, price and QR code that looked legit. He opened it and the chip markings were deliberately ground off.

After resetting the chip via the EN pin, it revealed itself as an ESP32‑S3, a generic microcontroller, plus a hidden WiFi/Bluetooth antenna.

The real Ledger uses an STM32 + ST33J2M0 and has no wireless hardware. He dumped the firmware. The seed phrase and PIN were stored in plain text.

The fake firmware speaks the standard APDU protocol but extends response buffers with 8 hidden fields, including storedMnemonic (your seed) and a C2 domain. When the official‑looking app sends a harmless command like get version, the device replies with the version plus your seed – exfiltrated over USB, no WiFi needed.

The QR code led to a fake Ledger Live app (React Native → Hermes bytecode, 194k functions). Permissions include camera, record audio and background execution, which is nothing that a wallet app needs. It's hardcoded to always show "Genuine Check passed".

It extracts the seed, encrypts it with RSA, and sends to servers in Shanghai. If exfiltration fails, it retries for 10 minutes after the app is closed. Multiple C2 domains found, comments in Mandarin, hardware from Shenzhen. This is likely a structured criminal campaign, not just a simple scam.

We have a full technical report available at: https://research.highboy.com.br/pt/analise-ledger-falsificada/ Our advice is to buy hardware wallets only from official sites, never use a QR code from the box and always run the Genuine Check.

Also, we don't mean to disencourage anyone to start on crypto, on the contrary, just some tips to stay safe.

https://preview.redd.it/4ps58tdjl0xg1.png?width=1080&format=png&auto=webp&s=18c50ceddb534f81f466366bc017a7b57ea18286

https://preview.redd.it/f1fud46il0xg1.png?width=1426&format=png&auto=webp&s=1557bd18196c962684f520847e2e60ef5619f006