From 43f64887f7714919e8bce03a12e16c715d0ace97 Mon Sep 17 00:00:00 2001
From: Oleg Moiseenko <807634+merlokk@users.noreply.github.com>
Date: Tue, 21 Nov 2023 22:00:59 +0200
Subject: [PATCH] Update mfc_notes.md

Signed-off-by: Oleg Moiseenko <807634+merlokk@users.noreply.github.com>
---
 doc/mfc_notes.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/mfc_notes.md b/doc/mfc_notes.md
index 530af9b96..a6fd1beff 100644
--- a/doc/mfc_notes.md
+++ b/doc/mfc_notes.md
@@ -43,3 +43,7 @@ The nonce is just the same for each auth with the same parameters.
 
 Vulnerable:
 1. decode card-reader trace
+
+## reader-only attack
+
+The readers have a random generator bug. With it, we can recover a key for the sector it tries to authenticate.