(no title)

Yes, agreed you'd need a larger average. The thing I'm trying to get at is whether or not this is a practical attack, as in: feasible in the real world, without being able to control the code running on the device. Because if you can do this to any random ESP32 without being able to manipulate the code and it coughs up the keys in a few days, weeks or even months that's an entirely different level of threat than being able to do this the way the article did it.

And I'm having a hard time figuring out how big that difference is, it may well be 'impractical today, childsplay tomorrow'. And ESP32 devices are in a lot of different places. Access to the hardware should be assumed (because you're not going to be able to monitor the 3.3V line with this level of accuracy otherwise), I'd assume any caps after the monitoring point would be removed and the only capacitance left would sit on the supply side before the current transformer. If that's your setup and you have no knowledge of what's running on the chip is it doable or not?

The article suggests that any key can be recovered in a couple of seconds but I don't think that's the case at all.