The ESP32 has 1024 bits of E-fuse memory that is One Time Programmable(OTP)
Once programmed, or blown, the contents cannot be changed and the contents are retained after power is removed.
Inside ESP32, the OTP is based on eFuses technology (electronic Fuses), in order to store system parameters, security configuration and sensitive data.
Fundamentally, an eFuse is a single bit of non-volatile memory with the restriction that once an eFuse bit is programmed to 1, it can never be reverted to 0.
The 1024 bit are in 4 256 bit Blocks, BLK0, BLK1, BLX2 and BLK3.
EFUSE_BLK0 is used entirely for system purposes,
EFUSE_BLK1 is used for Flash Encryption Key (FEK),
EFUSE_BLK2 is used for Secure Boot Key (SBK),
EFUSE_BLK3 can be partially reserved for the custom MAC address, or used entirely for user application.
BLK0 reserved for Espressif
The BLK0 has the factory pre programmed unique 48bit MAC address for your ESP32 board (bits 32-79 BLK0) and the 8 bits CRC checksum (bits 80-87 BLK0) for the MAC address.
BLK3 user application
The BLK3 has 256 bits all unprogrammed and unset at 0, that can be used for storing a custom one time e-fuse data.
A unique 48 bit custom MAC address for your ESP32 board can be stored here (bits 8-55 BLK3) with also a 8 bit custom CRC checksum for the custom MAC address (bits 0-7 BLK3).
BLK3 also has space for ADC calibration data
there are
External links
eFuse Manager https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/efuse.html
to using the security e-fuses https://limitedresults.com/2019/11/pwn-the-esp32-forever-flash-encryption-and-sec-boot-keys-extraction/