Few things needed to be done for a downgrade to become possible:
1a. Crack the encryption on the PSAR file to see how it authenticates the eboot
1b. Replicate the PSAR file and edit it so the PSP thinks it's signed
1c. Encrypt the PSAR file again
Inversion of the Instruction Set:
2a. Decrypt the Instruction set in the DATA.PSP File
2b. Invert the instruction set in the DATA.PSP
2c. Encrypt the Instruction set in the DATA.PSP
The only thing I can think of that may go wrong with the inversion of the instruction set would be the fact of direct address changing. Just giving something like:
If it did it that way we'd have to have the entire firmware dumped from 1.50 and see what the previous value of 193763 was before the update changed it to 9029...
I believe most of this has been done. Also, I might have left a few things out; oh well, this post was just to list a few things that had to be done...
[EDIT] Anyone know the disassembly offset I should use? One of my friends wants to know and I don't know the exact number... PM me or post please ;p