Dopamine

From The Apple Wiki
Original author(s): opa334
Initial release: 2 May 2023 (2023-05-02) (1.0)
Stable release: 2.1.4 / 7 May 2024 (2024-05-07)
Repository: github.com/opa334/Dopamine
Operating system: iOS
Size: 47.4 MB
Available in: Arabic, Chinese, Danish, Dutch, English, French, German, Greek, Japanese, Kazakh, Korean, Polish, Portuguese, Russian, Swedish, Tagalog, Turkish, Ukrainian and Vietnamese
Type: Jailbreaking
License: MIT License
Website: ellekit.space/dopamine/

Dopamine (formerly Fugu15 Max) is a semi-untethered jailbreak, forked from Fugu15, for any arm64e (A12 and later) device running iOS 15.0 up to 15.4.1 (or 15.5 beta 2). Dopamine includes many changes that Fugu15 originally did not have, such as the implementation of ElleKit which allows for tweak injection, the ability to userspace reboot the device, a proper UI with settings and buttons (unlike Fugu15), and much more.

On 16 February 2024 (2024-02-16), Dopamine 2.0 was released, adding support for arm64 devices (excluding A8) running 15.0-16.6.1, A12-A14 and M1 devices running 15.0-16.5.1, and A15-A16 and M2 devices running 15.0-16.5. A8X support was added with version 2.1 on 30 April 2024 (2024-04-30).

Release History

Version Date Changes Download
Public Beta 1 29 March 2023 (2023-03-29)
  • Initial release
Fugu15.tipa[permanent dead link]
Public Beta 2 30 March 2023 (2023-03-30)
  • Fix system freeze when jailbreakd crashes or restarts
  • Make systemwide hook more lightweight (thanks to @Cryptiiiic)
  • Fix bootstrapping error when /var/jb is a symlink that points nowhere
Fugu15.tipa[permanent dead link]
Public Beta 3 31 March 2023 (2023-03-31)
  • Fix initial bootstrap (Beta 2 regression)
  • Fix off by one causing jailbreakd to enter a crash loop if more than 743 macho files exist in /var/jb
Fugu15.tipa[permanent dead link]
Public Beta 4
  • ACTUALLY fix system freeze when jailbreakd crashes or restarts
Fugu15.tipa[permanent dead link]
Public Beta 5 12 April 2023 (2023-04-12)
  • Add support for userspace reboots (NOTE: As this is still a beta mainly intended for developers, you have to manually userspace reboot after jailbreaking)
  • Fix AutoFill not working after respring
  • Fix function hooking and tweak injection into processes with very hard sandboxes (e.g. WebContent)
  • Fix some device / version combinations not being supported (namely iPad 8 on 15.1)
  • Update bootstrap to latest
  • Improve system wide hook to always respect safe mode and keep library out of DriverKit and BlastDoor processes
  • Prevent tweak injection into processes that could use fork, as hooking C functions in a process currently breaks fork from working, a proper fix for this is still pending
  • Add default repos (Chariz, Havoc, Ellekit.space, BigBoss)
  • Fix memory leaks in jailbreakd
  • Fixes SSH as mobile
  • jbupdate functionality, /var/jb/basebin/jbctl update tipa <path/to/Fugu15.tipa> or /var/jb/basebin/jbctl update basebin <path/to/basebin.tar>, note that updating to a TIPA also updates basebin but depends on TrollStore being installed on the device
  • Update fallback ellekit for launchd hook, properly implement fallback using rpaths
  • Delete more leftover Xina files on jailbreak
  • Lots of stability improvements
Fugu15.tipa[permanent dead link]
Public Beta 6 13 April 2023 (2023-04-13)
  • Fix some memory corruptions in the systemwide and launchd hooks, should fix "initproc exited" random panic
Fugu15.tipa[permanent dead link]
Public Beta 7 14 April 2023 (2023-04-14)
  • Fix setuid properly, fixes NewTerm and probably other stuff too
  • Transition to stable Sileo 2.4, only applied on new bootstraps
Fugu15.tipa[permanent dead link]
Public Beta 8 (Final Beta) 18 April 2023 (2023-04-18)
  • Add workaround for fork() and vfork() inside processes that have hooks applied (previously the child would instantly crash)
  • Even better setuid solution (Thanks to @sbingner)
  • Update shipped Sileo to 2.4.4
  • Add option to hide / uninstall jailbreak environment to the app, accessible by long pressing on the jailbreak button (stop gap solution until final version with proper UI), ONLY USE WHILE NOT JAILBROKEN
  • The alert that appears after jailbreaking now has a button to do the userspace reboot (stop gap solution until final version with proper UI)
Fugu15.tipa[permanent dead link]
1.0 3 May 2023 (2023-05-03)
  • Initial Release
Dopamine.tipa[permanent dead link]
1.0.1
  • Fix userspace reboot getting stuck when tweaks are disabled inside Dopamine app settings
  • Attempt to fix an app crash
Dopamine.tipa[permanent dead link]
1.0.2
  • Fix system instability caused by forkfix regression (Fixes system freezes when connected to a WPA Enterprise endpoint)
  • Rename iDownload option to clarify it's a Developer shell
Dopamine.tipa[permanent dead link]
1.0.3 6 May 2023 (2023-05-06)
  • Make jailbreakd more memory efficient and fix some small memory leaks
  • Remove hacky way to disable Jetsam for jailbreakd, maybe this fixes the spinlock panics, but it's a really far stretch so I doubt it
  • The update option inside the Dopamine app should now also work when the device is not jailbroken
  • (15.0 - 15.3.1) Increase delay after disabling wifi because some people claimed it would improve the success rate
Dopamine.tipa[permanent dead link]
1.0.4 8 May 2023 (2023-05-08)
  • Fix forkfix leaking file descriptors under certain conditions
  • Adapt forkfix to be more similar to regular fork
  • Work around issue with dpkg-deb just randomly failing if forkfix is used, this issue does not make any sense (issue triggers with a fork implementation 1:1 identical to the system one, but not on the system one itself, there really is some voodoo going on here), so I solved it by blocking tweak injection into dpkg-deb
  • Add IPC hook, supporting system wide access to match services prefixed with cy: or lh:
  • Update fallback Ellekit to 0.6.3
  • Some UI improvements (#87, #131, #120), thanks to @sourcelocation
Dopamine.tipa[permanent dead link]
1.0.5 12 May 2023 (2023-05-12)
  • Fix an issue with forkfix where it would break reinstalling dpkg
  • Automatically fix the permissions of /private/preboot/<UUID> when jailbreaking in case they are wrong (Wrong permissions can cause SSH / NewTerm to not work)
Dopamine.tipa
1.1 16 June 2023 (2023-06-16)
  • Improve PPLRW performance by a factor of ~1000x
  • Fix all remaining forkfix issues, now works completely reliably, fork is also way faster now thanks to the PPLRW improvements mentioned above
  • Fix some race conditions with kcall and PPLRW
  • Add a watchdogd hook that intercepts userspace panics due to watchdog timeouts and instead disables tweak injection and triggers a userspace reboot (demo video: https://twitter.com/opa334dev/status/1669067846008143872)
  • Add a ptrace hook that unconditionally allows debugging processes (via debugserver or other tools), even when tweak injection has been disabled
  • Refactor iDownload and put it in its own daemon, this now works through userspace reboots and the daemon can be enabled / disabled in real time in the Dopamine app, also fixes deep sleep panic when iDownload is enabled
  • Fix "opainject not found" error that could happen under rare circumstances when rejailbreaking
  • Refactor systemhook to make it more maintainable in the future
  • Deprecate /usr/lib/sandbox.plist in favor of storing sandbox extensions in the environment of spawned processes, improves security
  • Add JB_ROOT_PATH environment variable that gets injected into all processes that have tweaks enabled, there have been some talks in making the /var/jb symlink optional in the future to better protect against jailbreak detections. If that actually materializes, this environment variable will be the way to know where the rootless jailbreak root directory is.
  • Fix jbctl not setting debugged flags correctly (Thanks to @XsF1re)
  • Disable tweak injection into the Dopamine app itself as some jailbreak detection tweaks were blocking its ability to check whether the device is jailbroken
  • Stop using installed ellekit dylib for launchd hook, should prevent the jailbreak from fully breaking when a broken ellekit build is installed
  • Fix libKRW kalloc / kfree not working correctly due to mismatching signatures
  • Enable several compiler optimizations for base binaries
  • Add a mechanism where xina symlinks (e.g. /var/LIY) will not be automatically removed on rejailbreak if the file /var/.keep_symlinks exists
  • Improve Wi-Fi disabling code to make a better effort at preserving the Wi-Fi state before the jailbreak attempt (Thanks to @singlekeycap for the suggestion)
  • Several localizations have been updated
Dopamine.tipa[permanent dead link]
1.1.1 8 July 2023 (2023-07-08)
  • Add crash reporter for launchd crash reports, when launchd crashes now you will receive a detailed separate crash log, alongside the (incredibly cryptic) "initproc exited" panic
  • Fix several wrong offsets related to the ptrace hook
  • Fix bug in macho parser where it would fail when parsing the dependencies from certain libraries
  • Improve wifi reenable reliability
  • Update opainject to 1.0.6
Dopamine.tipa[permanent dead link]
1.1.2 10 July 2023 (2023-07-10)
  • Disable launchd crash reporter again, as this triggered a lot of jailbreak detections (No idea how they detect this or what specifically they check for :/)
  • Disable jailbreak button when the device / version combination is unsupported
Dopamine.tipa[permanent dead link]
1.1.3 2 August 2023 (2023-08-02)

NOTE: When OTA updating to this release your device will reboot, unlike other releases where it would do a userspace reboot, this is expected, you will have to rejailbreak manually afterwards

  • Transition away from old PPLRW method to a new PPLRW method that works by mapping in the entire kernel physical address space into the userland process, this fixes all remaining issues with PPLRW such as multithreading support and TLB issues (unfortunately this is also what breaks jbupdate'ing with just a userspace reboot, as the primitives from earlier versions cannot easily be transferred to this one)
  • Reenable launchd crash reporter in a way that cannot be detected by apps
  • Hide uninstall jailbreak button when jailbroken as it didn't work properly in this state, only appears in unjailbroken mode now
  • Fix iDownload option not working (probably hasn't worked since 1.1, because there was a dumb issue with codesigning the idownloadd binary, sorry)
Dopamine.tipa[permanent dead link]
1.1.4 5 August 2023 (2023-08-05)
  • Fix unreliability when jailbreaking on A14 (1.1.3 regression)
  • Make forkfix only load when absolutely necessary rather than inside every single process that is able to fork (This should decrease spinlock panic frequency back to how it was on pre-1.1, but tweaks with C function hooks will obviously still cause it, also the effectiveness of this change has not been confirmed yet, but at least it shouldn't make anything worse)
Dopamine.tipa
1.1.5 17 August 2023 (2023-08-17)
  • Minor PPLRW improvements (better address translation, prevent process crashes when passing an invalid physical address)
  • Remove some leftover debug logs in launchdhook from during the 1.1.3 development phase
Dopamine.tipa
1.1.6 10 September 2023 (2023-09-10)
  • Update the bundled packages of Sileo and Zebra to their latest versions
Dopamine.tipa
1.1.7 21 September 2023 (2023-09-21)
  • Potentially fix spinlock panics??? (or at least make them less likely...) (actually it's a workaround because it's a stock bug yada yada, but doesn't matter anymore) THANKS TO @RootHide
Dopamine.tipa
1.1.8 14 October 2023 (2023-10-14)
  • Fix issues with trustcaching machos that have both old and new ABI arm64e slices
  • Fix several bugs in system wide exec(cve/cle/lp/v/vp/vP) hooks, which could cause arguments and environment variables to become malformed
  • Fix a path finding bug in execvP hook
  • Add missing execl hook
Dopamine.tipa
1.1.9 21 October 2023 (2023-10-21)
  • Fix a bug where jailbreakd would crash while parsing a malformed MachO with an empty dependency path, this issue also prevented rejailbreaking if such a file existed somewhere inside /var/jb
  • Also parse LC_LAZY_LOAD_DYLIB and LC_LOAD_UPWARD_DYLIB when scanning for dependencies to add to TrustCache
  • Make execvp and execvP function reimplementations behave more closely to their stock implementations
Dopamine.tipa
KFDopamine-BETA.tipa
1.1.10 24 October 2023 (2023-10-24)
  • Fix an issue where on some devices launchd would get killed by jetsam during the initial userspace reboot, resulting in a kernel panic (1.1.3 regression)
  • Fix an issue where under some super rare circumstances some incorrect code path could invoke the functionality of the "Hide Jailbreak" button without it being pressed
  • Fix a minuscule and rare memory leak
Dopamine.tipa
KFDopamine_BETA.tipa
1.1.11 20 November 2023 (2023-11-20)
  • Fix "Invalid kernel stack pointer" random panic
  • Apply forkfix for forks coming out of the daemon() and forkpty() functions
  • Fix a bug in the codesign bypass where the wrong slice could get trustcached in some rare circumstances, causing the binary to fail to spawn
  • Fix a minor inaccuracy in the execve systemwide hook
Dopamine.tipa
KFDopamine_BETA.tipa
2.0 16 February 2024 (2024-02-16)
  • Add support for arm64e iOS 15.5 - 16.5.1
  • Add support for arm64 15.0 - 16.6.1 (A8 not supported for now) (by u/kok3shidoll)
  • Support installation via sideloading (Only works on non beta iOS versions using libgrabkernel for now, also a few features are only supported when installing via TrollStore)
  • Rewrite the jailbreak app in Objective C with flexibility in mind (UI has been written by u/tomt000)
  • Add exploit picker (only kfd for now, more exploits for older versions will be added later)
  • Add themes to app (in app + icon)
  • Add support for using NSTask from tweaks, previously was unsupported, calling it from apps and other processes is also possible but you will have to call `dopamine_fix_NSTask()` yourself beforehand
  • Remove libfilecom, switch to using XPC for handoff communication
  • Deprecate jailbreakd in favor of launchd hook
  • Instead of boot_info.plist, all jailbreak related info is now stored inside launchd and can be retrieved via XPC
  • Rework kcall handoff to be stateless
  • Rework trustcaching to be stateless
  • Replace kernel patchfinder with XPF (https://github.com/opa334/XPF)
  • Fix various issues with trustcaching
  • Include libroot provider library (https://github.com/opa334/libroot)
  • Make libkrw actually work (Yes, it was broken all throughout 1.x and nobody noticed)
Dopamine.ipa[Archived 2024-02-22 at the Wayback Machine]
Dopamine.tipa[permanent dead link]
2.0.1
  • Fix XPF not working on 15.0.x arm64e
  • Fix an app crash during the jailbreak process
  • Fix an app crash when launching the app on a jailbreak that is not Dopamine (this is still not really supported)
Dopamine.ipa[permanent dead link]
Dopamine.tipa[permanent dead link]
2.0.2
  • Fix new bootstrap getting created every rejailbreak (super dumb 2.0.1 regression...)
Dopamine.ipa[Archived 2024-02-22 at the Wayback Machine]
Dopamine.tipa[permanent dead link]
2.0.3
  • Fix localization fallback not properly working (would show placeholder instead of English when no localization for the selected language was available)
  • Don't attempt jbupdate if the phone is not already jailbroken
  • Fix an issue where PAC primitives would get lost during a jbupdate, causing the launch of a sideloaded Dopamine app to trigger a kernel panic on <15.2
Dopamine.ipa[Archived 2024-02-22 at the Wayback Machine]
Dopamine.tipa[permanent dead link]
2.0.4 17 February 2024 (2024-02-17)
  • Actually fix libkrw not working (The 2.0 changelog was lying...)
Dopamine.ipa[Archived 2024-02-22 at the Wayback Machine]
Dopamine.tipa[permanent dead link]
2.0.5
  • Improve kfd reliability by memory hogging, also fixes support for devices with 16GB RAM, contributed by @dhinakg
  • Fix an issue where /var/jb/var/mobile would get the wrong file permissions on new bootstraps (Fixed retroactively on next rejailbreak)
  • Improve the way injection into problematic processes is blocked
  • Block injection into dataaccessd because it seemed to be crash looping for some users
  • Fix verbose logs not showing in error log when they aren't enabled
  • Actually print the error that caused the failure in the error log........
  • Fix app crash on iPads when sharing log
  • Fix a random app crash while jailbreaking
Dopamine.ipa[Archived 2024-02-22 at the Wayback Machine]
Dopamine.tipa[Archived 2024-02-21 at the Wayback Machine]
2.0.6 21 February 2024 (2024-02-21)
  • More kfd adjustments, should be even more reliable now (Contributed by @dhinakg)
  • Fix a random panic caused by a launchd crash when trusting certain files
  • Fix boomerang zombie processes getting created when userspace rebooting
  • Work around a stock bug where nano launch daemons would not get registered after a userspace reboot, resulting in some Apple Watch functionality breaking
  • Various UI improvements (Contributed by @tomt000)
  • Fix a race condition resulting in an app crash during jailbreaking
  • Fix support for iOS 16.4b1 - 16.4b3
  • Properly abort with an error if creating /var/jb fails
  • Prefer physpuppet over landa on devices that support it
  • Fix smith and physpuppet being selectable on iOS 15.x, even on versions that they do not support
Dopamine.ipa[Archived 2024-02-22 at the Wayback Machine]
Dopamine.tipa[permanent dead link]
2.0.7 24 February 2024 (2024-02-24)
  • Fix several issues on arm64 (Battery section not loading, camera app not working, ...)
  • Improve hiding jailbreak to also remove jailbreak apps from icon cache while the jailbreak is hidden
  • Fix idownloadd getting started during userspace reboots even if iDownload was disabled in settings
  • Fix jailbreak not working when /var/jb is an actual directory and not a symlink, improve error handling regarding this
Dopamine.ipa[permanent dead link]
Dopamine.tipa[permanent dead link]
2.0.8 25 February 2024 (2024-02-25)
  • Fix VPN not working on arm64 (2.0.7 regression)
  • Fix iCloud settings being partially greyed out on arm64 (2.0.7 regression)
  • Fix apps not showing up in settings on arm64 (2.0.7 regression)
  • Fix support for iOS 15.0b1 - 15.0b3
Dopamine.ipa[permanent dead link]
Dopamine.tipa[permanent dead link]
2.0.9 29 February 2024 (2024-02-29)
  • Fix a super bad security issue where app store apps would be allowed to obtain full system capabilities (root + phys r/w) that were otherwise only intended to be accessible by root processes, as a result of this Dopamine 2.0.0 - 2.0.8 have been pulled and are no longer recommended to be used by anyone
  • Fix an issue where the arm64 related fixes of 2.0.7 and 2.0.8 were only working when ellekit was installed and tweak injection was enabled
  • Disable injection into terminusd and nesessionmanager on arm64 in an attempt to resolve issues with crash loops and VPN apps still not working for some users
  • Immediately allow invalid pages on all processes that are spawned via POSIX_SPAWN_START_SUSPENDED, this fixes an issue where several Frida features would not work correctly
  • Actually fix support for early iOS 15.0 betas (2.0.8 changelog lied)
Dopamine.ipa
Dopamine.tipa
2.0.10 8 March 2024 (2024-03-08)
  • Fix jailbreaking not working when developer mode was disabled (Developer mode will now be enabled in a non persistent way for the current boot)
  • Fix NECP connections failing after some time on arm64 (Apple Watch, VPN...)
  • Fix terminusd crashes on arm64, reenable injection into it and nesessionmanager
  • Automatically fix wrong permissions for /private and /private/preboot when jailbreaking
  • Fix app icons disappearing or no longer opening on OTA updates (Will only be fixed for future updates, not for the one to 2.0.10, also requires TrollStore 2.0.13)
Dopamine.ipa
Dopamine.tipa
2.0.11 10 March 2024 (2024-03-10)
  • Actually fix relevant file path permissions when rejailbreaking (previously the method for this existed but was never called, sigh...), this should now actually automatically fix issues such as NewTerm / SSH not working
Dopamine.ipa
Dopamine.tipa
2.1 30 April 2024 (2024-04-30)
  • Add support for A8(X) devices
  • Fix Dopamine app instantly crashing when installed using TrollStore on A8 devices
  • Add kcall implementation on arm64 iOS 15.x (this was needed for A8 support)
  • Use kcall for allocating page tables when available
  • Improve performance of some parts of the jailbreaking process by ~1000x (because A8 was getting stuck in them for multiple minutes.....)
  • Fix support for some obscure device / version combinations (e.g. A9 15.0.1, early 15.0 betas, etc...)
  • Add weightBufs and multicast_bytecopy as Kernel exploit options
  • Protect system files in preboot partition so users cannot delete them and cause the device to recovery loop
  • Add "Allow JIT in Apps" toggle, enabled by default, when enabled this will add CS_DEBUGGED to apps (Note: This has no effect on apps that have tweak injection disabled via Choicy)
  • Fix /var/mobile/Library/Application Support/Containers/, /var/mobile/Library/SplashBoard/Snapshots/ getting polluted with some jailbreak files
  • Fix jailbreak apps disappearing after the system (or TrollStore) reloads the icon cache
  • Add back "Change mobile password" option in Dopamine settings
  • Revamp jbctl trustcache management, new commands: jbctl trustcache info, jbctl trustcache clear, jbctl trustcache add
  • Switch to libgrabkernel2 (@alfiecg24, @dhinakg), removes the requirement for Dopamine to be installed by TrollStore on beta versions
  • Fix smith not working on iOS 15
  • Order exploits by recommendation score, add "(Recommended)" to the best one
Dopamine.ipa
Dopamine.tipa
2.1.1 1 May 2024 (2024-05-01)
  • Fix codesigning bypass failing on binaries/libraries that have an armv7s slice (Fixes Designer not working) [2.1 regression]
  • Fix sharing files to jailbreak apps not working in some instances [2.1 regression]
  • Fix string corruption in sandbox bypass, the fact I never noticed this before means it probably wasn't that bad of an issue (don't use strcat on uninitialized stack buffers!)
Dopamine.ipa
Dopamine.tipa
2.1.2 2 May 2024 (2024-05-02)
  • Fix app switcher not displaying preview images of jailbreak apps in some cases [2.1 regression]
  • Sandbox: Allow writing to /var/jb/var/mobile system wide
Dopamine.ipa
Dopamine.tipa
2.1.3 7 May 2024 (2024-05-07)
  • Fix system deadlocks on some devices resulting in watchdogd timeout [2.0 regression]
  • Recursively fix /var/jb/var/mobile permissions on userspace reboots and rejailbreaks (Fixes file sharing with jb apps still not working for some people)
  • Fix codesigning bypass not working on binaries that have an armv6 slice (There probably isn't a single binary with such a slice though) [2.1 regression]
  • Fix multicast_bytecopy not working on iPad Mini 6 (Contributed by @m1zole)
Dopamine.ipa
Dopamine.tipa
2.1.4
  • Only automatically fix up permissions of relevant directories inside /var/jb/var/mobile, rather than the entirety of it
  • Skip permission fix up if either /var/jb/var or /var/jb/var/mobile is a symbolic link, previously there was a bootloop risk if either of those point to the real /var or /var/mobile
Dopamine.ipa
Dopamine.tipa
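
The 2.1.4 entry above describes two safeguards for the permission fix-up: touch only relevant directories, and skip the fix-up entirely when /var/jb/var or /var/jb/var/mobile is a symbolic link. The C code below is an example added here, not Dopamine's source; the function name `fixup_mobile_dirs`, the list of "relevant" subdirectories and the temporary demo tree are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
enum { FIXUP_DONE = 0, FIXUP_SKIPPED_SYMLINK = 1, FIXUP_ERROR = -1 };
/* Assumed "relevant" subdirectories; the changelog does not name them. */
static const char *const RELEVANT[] = { "Library", "Documents" };

/* 1 if the path itself is a symlink, 0 if not, -1 if lstat() fails. */
static int is_symlink(const char *path) {
    struct stat st;
    if (lstat(path, &st) != 0) return -1;
    return S_ISLNK(st.st_mode) ? 1 : 0;
}

/* Hypothetical helper: set `mode` on selected directories under
 * <root>/var/mobile. Does nothing if <root>/var or <root>/var/mobile is a
 * symlink, since the link may resolve to the real system directory. */
int fixup_mobile_dirs(const char *root, mode_t mode) {
    static const char *const parents[] = { "var", "var/mobile" };
    char path[1024];
    for (size_t i = 0; i < 2; i++) {
        int n = snprintf(path, sizeof path, "%s/%s", root, parents[i]);
        if (n < 0 || (size_t)n >= sizeof path) return FIXUP_ERROR;
        int link = is_symlink(path);
        if (link < 0) return FIXUP_ERROR;
        if (link == 1) return FIXUP_SKIPPED_SYMLINK;
    }
    for (size_t i = 0; i < sizeof RELEVANT / sizeof RELEVANT[0]; i++) {
        int n = snprintf(path, sizeof path, "%s/var/mobile/%s", root, RELEVANT[i]);
        if (n < 0 || (size_t)n >= sizeof path) return FIXUP_ERROR;
        /* O_NOFOLLOW refuses a symlinked final component; fchmod() on the
         * descriptor changes exactly the directory that was opened. */
        int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
        if (fd < 0) continue; /* absent, not a directory, or a symlink */
        int rc = fchmod(fd, mode);
        close(fd);
        if (rc != 0) return FIXUP_ERROR;
    }
    return FIXUP_DONE;
}

/* Constructed demo tree under /tmp (left in place for inspection). var/mobile
 * is a real directory or a symlink to a stand-in for the system directory. */
int demo_run(int mobile_is_symlink, mode_t *library_mode) {
    char root[] = "/tmp/jbdemoXXXXXX", p[1024], target[1024];
    struct stat st;
    if (!mkdtemp(root)) return FIXUP_ERROR;
    snprintf(p, sizeof p, "%s/var", root);
    snprintf(target, sizeof target, "%s/real_mobile", root);
    if (mkdir(p, 0755) || mkdir(target, 0755)) return FIXUP_ERROR;
    snprintf(p, sizeof p, "%s/var/mobile", root);
    if (mobile_is_symlink ? symlink(target, p) : mkdir(p, 0755)) return FIXUP_ERROR;
    snprintf(p, sizeof p, "%s/var/mobile/Library", root);
    if (mkdir(p, 0700) || chmod(p, 0700)) return FIXUP_ERROR;
    int result = fixup_mobile_dirs(root, 0755);
    if (stat(p, &st) != 0) return FIXUP_ERROR;
    *library_mode = st.st_mode & 0777;
    return result;
}
int main(void) {
    mode_t real = 0, linked = 0;
    int a = demo_run(0, &real), b = demo_run(1, &linked);
    printf("real dir: %d mode %o; symlink: %d mode %o\n", a, (unsigned)real, b, (unsigned)linked);
    return 0;
}
```

In the symlinked case the directory behind the link keeps its original mode, which is the property that removes the bootloop risk the changelog mentions.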