diff --git a/app/core/core.c b/app/core/core.c
index f91f0d4..e38a78e 100644
--- a/app/core/core.c
+++ b/app/core/core.c
@@ -3,11 +3,13 @@
 #include "crypto/address.h"
 #include "crypto/ripemd160.h"
 #include "crypto/util.h"
+#include "crypto/secp256k1.h"
 #include "ethereum/eth_db.h"
 #include "mem.h"
 #include "keycard/secure_channel.h"
 #include "keycard/keycard_cmdset.h"
 #include "keycard/keycard.h"
+#include "storage/keys.h"
 #include "ui/ui_internal.h"
 #include "ur/eip4527_encode.h"
 #include "util/tlv.h"
@@ -264,9 +266,17 @@ static app_err_t core_usb_get_app_config(apdu_t* cmd) {
   data[4] = (db_version >> 16) & 0xff;
   data[5] = (db_version >> 8) & 0xff;
   data[6] = db_version & 0xff;
-  data[7] = 0x90;
-  data[8] = 0x00;
-  cmd->lr = 9;
+
+  hal_device_uid(&data[7]);
+
+  uint8_t key[32];
+  key_read_private(DEV_AUTH_PRIV_KEY, key);
+  ecdsa_get_public_key33(&secp256k1, key, &data[7 + HAL_DEVICE_UID_LEN]);
+  memset(key, 0, 32);
+
+  data[7 + HAL_DEVICE_UID_LEN + 33] = 0x90;
+  data[8 + HAL_DEVICE_UID_LEN + 33] = 0x00;
+  cmd->lr = 9 + HAL_DEVICE_UID_LEN + 33;
 
   return ERR_OK;
 }
diff --git a/app/core/updater.c b/app/core/updater.c
index f84c16d..55cac8c 100644
--- a/app/core/updater.c
+++ b/app/core/updater.c
@@ -65,19 +65,19 @@ static char* append_sn(char* dst, const char* label, uint8_t uid[HAL_DEVICE_UID_
   dst += 8;
   *(dst++) = '-';
 
-  base16_encode(&uid[3], dst, 2);
+  base16_encode(&uid[4], dst, 2);
   dst += 4;
   *(dst++) = '-';
 
-  base16_encode(&uid[5], dst, 2);
+  base16_encode(&uid[6], dst, 2);
   dst += 4;
   *(dst++) = '-';
 
-  base16_encode(&uid[7], dst, 2);
+  base16_encode(&uid[8], dst, 2);
   dst += 4;
   *(dst++) = '-';
 
-  base16_encode(&uid[9], dst, 6);
+  base16_encode(&uid[10], dst, 6);
   dst += 12;
 
   *(dst++) = '\n';
diff --git a/app/crypto/ecdsa.c b/app/crypto/ecdsa.c
index ae514c1..56a21c3 100644
--- a/app/crypto/ecdsa.c
+++ b/app/crypto/ecdsa.c
@@ -66,6 +66,12 @@ int ecdsa_get_public_key65(const ecdsa_curve *curve, const uint8_t *priv_key, ui
   return 0;
 }
 
+int ecdsa_get_public_key33(const ecdsa_curve *curve, const uint8_t *priv_key, uint8_t *pub_key) {
+  ecdsa_get_public_key65(curve, priv_key, pub_key);
+  pub_key[0] = 0x02 | (pub_key[64] & 1);
+  return 0;
+}
+
 int ecdsa_recover_pub_from_sig(const ecdsa_curve *curve, uint8_t *pub_key, const uint8_t *sig, const uint8_t *digest, int recid) {
   //TODO: sanity check on input
   const uint8_t* r = sig;
diff --git a/app/crypto/ecdsa.h b/app/crypto/ecdsa.h
index 0ad61b7..0ef253b 100644
--- a/app/crypto/ecdsa.h
+++ b/app/crypto/ecdsa.h
@@ -27,6 +27,7 @@ int ecdsa_sign(const ecdsa_curve *curve, const uint8_t *priv_key, const uint8_t
 int ecdsa_verify(const ecdsa_curve *curve, const uint8_t *pub_key, const uint8_t *sig, const uint8_t *digest);
 int ecdsa_verify_raw_pub(const ecdsa_curve *curve, const uint8_t *pub_key, const uint8_t *sig, const uint8_t *digest);
 int ecdsa_get_public_key65(const ecdsa_curve *curve, const uint8_t *priv_key, uint8_t *pub_key);
+int ecdsa_get_public_key33(const ecdsa_curve *curve, const uint8_t *priv_key, uint8_t *pub_key);
 int ecdsa_recover_pub_from_sig(const ecdsa_curve *curve, uint8_t *pub_key, const uint8_t *sig, const uint8_t *digest, int recid);
 int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der);
 int ecdsa_sig_from_der(const uint8_t *der, size_t der_len, uint8_t sig[64]);