20 lines
1.0 KiB
Markdown
20 lines
1.0 KiB
Markdown
|
# CCTF Challenge for Polkadot Metaverse Championship
|
||
|
|
||
|
## Description
|
||
|
CCTF is a Capture the Flag (CTF) game. CTF in computer security is an exercise in which 'flags' are secretly hidden in purposefully-vulnerable programs or websites. Competitors steal flags either from other competitors (attack/defense-style CTFs) or from the organizers (jeopardy-style challenges).
|
||
|
|
||
|
From CCTF volume 9, we have started to use a decentralized system: Solidity smart contract deployed and players send signed messages. Flags became private keys. We replaced CTFd to our smart contract, but it needs improvements.
|
||
|
|
||
|
## Task
|
||
|
|
||
|
Improve the CCTF smart contract. You can improve the flag submission (eg. fix the hidden vuln from the last game), add features or create a frontend. Be creative, make something useful.
|
||
|
|
||
|
|
||
|
## Links, sources
|
||
|
|
||
|
Solidity smart contract deployed address is 0x36a1424da63a50627863d8f65c0669da7347814a - find on Polygon network.
|
||
|
|
||
|
Website: https://cryptoctf.org/
|
||
|
|
||
|
Blog the ECDSA forgery: https://cryptoctf.org/2022/09/11/writeup-of-flag-submission-forgery-by-si/
|