Little Background

I have a pretty shit device which I sometimes love and sometimes hate, it’s like a love-hate relationship. Let me introduce you, Garnet (Redmi Note 13 Pro 5G). I called it Little Wyvern because I named my laptop “Wyvern”. Yeah, lazy naming I know. Anyways, here are the specs and steps to make the Garnet loveable.

Brewing Setup (Racikan)

1. Magisk Alpha (you know the steps)
   • Hide Magisk app and name it whatever you want.
   • Disable built-in Zygisk.
   • Disable Enforce DenyList.
   • Install Zygisk Next (then reboot).
   • Install Zygisk LSPosed and Zygisk Assistant (then reboot).
2. Zygisk - LSPosed (after all those installed)
   • Install Shamiko.
   • Install TrickyStore and TrickyAddon.
   • Install Play Integrity Fix. *sets the device integrity to basic
   • Install HMAL, enable module then check System Framework.
   • Install BootloaderSpoofer if needed
3. Post-install banking or any apps that requires integrity or detects root
   • Go to your hidden Magisk app, settings, configure DenyList, and check out the target app.
   • Go to LSPosed, HMAL, its settings, App Manage, select the target app then “Enable hide” and “Work mode: Whitelist” + “Exclude system apps”.
4. Done.

Integrity

While doing all that does the basic work, sometimes app just won’t start because the integrity is unknown, invalid, basic, or maybe just not strong enough. So here are the steps on how to make it at least reach device level to strong level.

1. Tricky Store (actions or just open the KSU WebUI) - Device Level
   • Set Valid Keybox
   • Set Security Patch to at least “2025-05-05” (as of now)
   • Add your app id to /data/adb/tricky_store/target.txt
   • Now if you do an integrity check it should returns MEETS_DEVICE_INTEGRITY.
2. Integrity Box - Strong Level

   Shout out to MeowDump for making this module.

   • You should have installed and followed steps above for pre-requisites to make this module works. Not every steps, but still optional.
   • Install on Magisk.
   • Done.

Summary

No device is 100% perfect for this setup, if it’s that perfect then it’s probably a flagship or well-designed device that just works out-of-the-box lol. The current con of using this setup is that some of banking apps won't start which are:

1. MyBCA (use BCA Mobile)
2. idk any yet

I also installed a UI modification, small improvement tweaks, and ReVanced apps on magisk like v15 SystemUI Plugin, ReVanced modules, GMSDoze, et cetera.

With a well-tuned setup and proper configuration, this Little Wyvern becomes more usable and loveable. Running banking apps and integrity-requiring-app should be a no problem now. But, even with this complex and exhausting setup, some apps still could detect the device is rooted and faked. I just can’t find how the app detect it even with HMAL and Zygisk hiding. At least it works, right?

update - 09/06/2025

chiteronman decided to discontinue the pif module, use piffork instead.