Update Main_Challenges.md

Thank you anon user for the input.

Main_Challenges.md

@@ -0,0 +1,153 @@
+#  The Instituational Track: DeGov
+
+## Description
+
+The Institutional Track, known as DeGov (Decentralized Governance), is designed to explore the application of decentralized governance models in institutional settings. This track focuses on creating innovative solutions that enable more democratic, transparent, and efficient governance structures within organizations, governments, and other institutional entities.
+
+## What to do on this track?
+
+Participants aree tasked with developing decentralized governance systems, tools for voting and decision-making, and systems for managing institutional processes in a decentralized manner. The goal is to create scalable and secure solutions that can be adopted by large entities to improve governance and stakeholder participation.
+
+## Use-case ideas
+
+If you need some ideas, here is a list of use-cases:
+
+- Proof of personhood
+- DAO infrastructure (global network with many local groups of people)
+- Decentralized Voting Systems
+- Public Policy Decision-Making
+- Transparent Budget Allocation
+- Decentralized Project Management
+- Immutability: Connecting private blockchain to public
+- Conflict Resolution Mechanism
+- Insurance and proving events
+
+## Where to start?
+
+https://polkadot.com/ - Always start here and look at already existing projects, SDKs and tools you can use to build your project.
+
+https://unique.network/ - If you want to create an NFT based project.
+
+https://g.g6.network/g6-networks-release/ - If you want to build on G6 Network's technology stack.
+
+https://www.mandalachain.io/ - If you want to build for onboarding users.
+
+## Unique Network - Specific Challenge
+
+Topic: NFT as a data containter
+
+Type: Data obfuscation in an on-chain NFT record - managing data access and visibility.
+
+Description: The challenge is based around the concept of on-chain and off-chain data storage accessibility in terms of data obfuscation. Unique Network NFTs provide a very flexible mechanism for storing data both on-chain and off-chain including handling mutability and rights in that respect (who can modify). The question of who is allowed to see the raw data is a completely different issue and is handled at the application level. Your task is to come up with a simple mechanism which allows data obfuscation of data stored via the NFT providing a way for an application to manage which data can be publicly visible and which is obfuscated and availible only to the application. There are no limitations set in regard to how obfuscation is performed, it is entirely in at the discretion of the developer/hacker.
+
+- Demo of a collection and token: https://github.com/UniqueNetwork/workshop-nft-data
+- SDK: https://docs.unique.network/build/sdk/getting-started.html
+- Accounts and Wallets: https://docs.unique.network/tutorials/work-with-accounts.html
+- Unique Schema 2.0: https://docs.unique.network/tutorials/createCollectionV2 https://docs.unique.network/reference/schemas/
+- React Boilerplate: https://github.com/UniqueNetwork/accounts-react-example
+
+Mentor from Unique: Max Andreev - Senior Developer (availability for mentoring slots on Telegram - check mentoring group chat)
+
+## G6 Network - Specific Challenge
+
+Topic: Citizens of Polkadot
+
+Type: Front-end for Substrate based blockchains
+
+Description: Research Proof of Personhood and use the frontend solutions of G6 Networks to build on. You'll need to connect to https:/testnet.g6.network/ and create a useful product for the Polkadot citizens. Who are the citizens of Polkadot? Anyone who uses Polkadot and engages with the community. We are decentralized and autonomous. Create your futuristic dream product for a global network of many local groups.
+
+- G6 Networks open source code and front-end: https://g.g6.network/g6-networks-release/
+- G6 Networks White paper: https://g6-networks.gitbook.io/g6-networks/
+- G6 networks official Telegram group: https://t.me/g6networks
+
+Mentors: Serge, Johan and six (availability for mentoring slots on Telegram - check mentoring group chat)
+
+## How to submit?
+
+Submit your solution in email to: contact@cryptoctf.org
+
+What to include: Project name, description, which ecosystem or team you built it for*, git link and presentation link (can be in git).
+
+*On this track you can choose from: Polkadot (anything Polkadot/Substrate, up to $2000 rewards), Unique Network (Up to $2000 rewards), G6 Networks (Up to $10000 rewards), Mandala Chain (Up to $10000 rewards), GotEm (up to $2000 rewards). You can also choose two projects, eg. Polkadot and G6 Networks, but you'll get a harder time scoring.
+
+
+# The Physical Track: RWA and DePin
+
+## Description
+
+The Physical Track focuses on Real-World Assets (RWA) and Decentralized Physical Infrastructure Networks (DePin). This track aims to bridge the gap between the digital and physical worlds by leveraging blockchain technology to tokenize and manage physical assets, as well as to build decentralized networks for physical infrastructure.
+
+## What to do on this track?
+
+Participants work on projects that involve the tokenization of real-world assets, such as real estate, commodities, or physical products. Additionally, they will develop decentralized networks and protocols that facilitate the management and operation of physical infrastructure, ensuring transparency, security, and efficiency. They can mix the two technologies use choose to build only RWA or only DePin focues programs, applications.
+
+## Use-case ideas
+
+If you need some ideas, here is a list of use-cases:
+
+- Decentralized Energy Networks
+- Supply Chain Transparency
+- Crowdsourced Physical Infrastructure
+- Decentralized Storage Networks
+- Tokenized Real Estate (that's probably the worst idea)
+
+## Where to start?
+
+https://polkadot.com/ - Always start here and look at already existing projects, SDKs and tools you can use to build your project.
+
+https://unique.network/ - If you want to create an NFT based project.
+
+https://g.g6.network/g6-networks-release/ - If you want to build on G6 Network's technology stack.
+
+https://mosaicchain.io/ - They have a unique validator selection consensus connected to NFT and possible DePin features.
+
+## How to submit?
+
+Submit your solution in email to: contact@cryptoctf.org
+
+What to include: Project name, description, which ecosystem or team you built it for*, git link and presentation link (can be in git).
+
+*On this track you can choose from: Polkadot (anything Polkadot/Substrate, up to $2000 rewards), Unique Network (Up to $2000 rewards), G6 Networks (Up to $10000 rewards), Mandala Chain (Up to $10000 rewards). You can also choose two projects, eg. Polkadot and G6 Networks, but you'll get a harder time scoring.
+
+
+# AI on Blockchain Track: For real?
+
+## Description
+
+The AI on Blockchain Track explores the integration of artificial intelligence with blockchain technology. This track challenges participants to create innovative applications that leverage the strengths of both AI and blockchain to solve complex problems, enhance security, and provide new capabilities in various domains.
+
+## What to do on this track?
+
+Participants focus on developing AI-driven systems, decentralized AI models, and blockchain-based platforms for training and deploying AI algorithms. The goal is to demonstrate the potential of combining AI and blockchain to create intelligent, autonomous, and secure systems.
+
+## Use-case ideas
+
+If you need some ideas, here is a list of use-cases:
+
+- Anti-AI algos, differntiating between human and AI/deepfakes
+- Autonomous AI Agents
+- Decentralized AI Model Training
+- AI-Driven Smart Contracts
+- AI-Based Fraud Detection
+- AI-Powered Predictive Analytics
+
+
+## Where to start?
+
+https://polkadot.com/ - Always start here and look at already existing projects, SDKs and tools you can use to build your project.
+
+https://polkabot.ai/ - AI-powered education on chain, in the Polkadot ecosystem.
+
+https://www.cere.network/ - Decentralized storage solution for streaming and AI.
+
+https://github.com/Qrucial/QRUCIAL-DAO/ - QRUCIAL DAO's solution for connecting off-chain executables to on-chain decisions.
+
+## How to submit?
+
+Submit your solution in email to: contact@cryptoctf.org
+
+What to include: Project name, description, which ecosystem or team you built it for*, git link and presentation link (can be in git).
+
+*On this track you can choose from: Polkadot (anything Polkadot/Substrate, up to $2000 rewards), Unique Network (Up to $2000 rewards), G6 Networks (Up to $10000 rewards), Mandala Chain (Up to $10000 rewards), Cere Network (up to $2000 rewards). You can also choose two projects, eg. Polkadot and G6 Networks, but you'll get a harder time scoring.
+
+

Main_Challenges/CCTF/Challenge.md

@@ -1,19 +0,0 @@
-# CCTF Challenge for Polkadot Metaverse Championship
-
-## Description
-CCTF is a Capture the Flag (CTF) game. CTF in computer security is an exercise in which 'flags' are secretly hidden in purposefully-vulnerable programs or websites. Competitors steal flags either from other competitors (attack/defense-style CTFs) or from the organizers (jeopardy-style challenges).
-
-From CCTF volume 9, we have started to use a decentralized system: Solidity smart contract deployed and players send signed messages. Flags became private keys. We replaced CTFd to our smart contract, but it needs improvements. 
-
-## Task
-
-Improve the CCTF smart contract. You can improve the flag submission (eg. fix the hidden vuln from the last game), add features or create a frontend. Be creative, make something useful.
-
-
-## Links, sources
-
-Solidity smart contract deployed address is 0x36a1424da63a50627863d8f65c0669da7347814a - find on Polygon network.
-
-Website: https://cryptoctf.org/
-
-Blog the ECDSA forgery: https://cryptoctf.org/2022/09/11/writeup-of-flag-submission-forgery-by-si/

Main_Challenges/KILT/Challenge.md

@@ -1,16 +0,0 @@
-# KILT Protocol Challenge for Polkadot Metaverse Championship
-
-## Description
-With the birth of the metaverses digital identities are will be an integral building block of Web3. 
-We have seen identity abused on the application layer in Web2, let's not do the same mistake when building out the metaverse.
-DIDs are the decentralized identifiers for the future of Web3, and this challenge is to make them usable for the metaverse.
-
-## Task
-- Integrate KILT DIDs into a metaverse project as an identity layer (e.g. Kusamaverse).
-- Add authentication to the metaverse
-- Be creative!
-- BONUS: make a PR into the metaverse project's repo 
-
-## Links, sources
-docs.kilt.io
-kusama.momentum.xyz

Main_Challenges/Momentum/Challenge.md

@@ -1,10 +0,0 @@
-# Momentum/Kusamaverse Challenge for Polkadot Metaverse Championship
-
-## Description
-This is a creative challenge, we recommend to use it as a proposal challenge.
-
-## Task
-Get into Kusamaverse and figure out how you'd improve it or rebuild it from scratch to create an even better metaverse experience. Remember, Kusamaverse is focused on collaboration and working together. How would you improve it?
-
-## Links, sources
-https://kusama.momentum.xyz/

Main_Challenges/OnlyForJudgesMentors/Challenge.md

@@ -1,14 +0,0 @@
-# Judge&Mentor Challenge for Polkadot Metaverse Championship
-
-## Description
-Fun challenge for the judges and mentors. Totally optional, but it is cool to show-off your skills! Show everyone why you are in the position! :)
-
-## Task
-1. Play an arcade or VR game with other judges/mentors.
-2. Record the experience on blockchain (anything works, be creative, try to make it fun)
-
-Tip: you could use some strange languages, encoding or fun, unusual practices to solve this. Eg. Bitcoin's smart contract or this:
-++++++++++[>+++++++>++++++++++>+++>+<<<<-]>++.>+.+++++++..+++.>++
-
-## Links, sources
-It doesn't apply here :) You have the whole location, show us something cool!

Main_Challenges/Privacy_Research/Challenge.md

@@ -1,23 +0,0 @@
-# Privacy Challenge for Polkadot Metaverse Championship
-
-## Description
-This is a privacy research challange. Take is as a proposal. 
-
-## Task
-Do a research on privacy and what data is taken by the chosen project - list below. You need to test what kind of data can be logged and where by the service provider, for example: does the backend receive your browser user-agent, screen resolution, battery state, etc. We know some of the projects listed here have serious issues, but a clear collection of what data is taken and where would it be stored could make things more transparent and increase awareness.
-
-So the task is to do the research, create list about data sent to the project servers/nodes and draw a topology. Don't spend on it more than an hour.
-
-Ideas on what to look for:
-- Data in the HTTP/API requests
-- Data in the WSS channels
-- Network data
-- Think about timing and even if you have multiple addresses, balance checks can give a good base for statistics on which addresses belong to the same wallet/browser
-- Consider what would happen if you use the service through proxy/TOR/etc
-
-## Links, sources
-https://kusama.momentum.xyz/
-https://polkadot.js.org/
-https://www.talisman.xyz/
-https://metamask.io/
-https://acala.network/

Main_Challenges/Proposal.md

@@ -1,14 +0,0 @@
-# Proposal Template - Challenge Name
-
-## Team name
-Add your team's name here.
-
-## Short description of your proposal
-A few sentences on what your team is proposing.
-
-## Technical details
-Explain the technical details and how you'd solve the challenge. Optionally you can add pseudocode.
-
-## Topology
-
-Please provide a drawn topology, you can use https://draw.io/

Main_Challenges/RMRK/Challenge.md

@@ -1,18 +0,0 @@
-# RMRK Challenge for Polkadot Metaverse Championship
-
-## Description
-RMRK (pronounced "remark") is a set of NFT legos that give NFTs infinite extensibility, hosted on the Kusama blockchain, Polkadot's canary network, without the need for parachains or smart contracts.
-
-## Task
-
-Be creative, chose one from below and implement it in the 24 hours or create a proposal.
-
--Ticketing system as in docs - for metaverse events (https://docs.rmrk.app/usecases/ticketing)
--Skill system as in docs (https://docs.rmrk.app/ownershipxp)
--An atomic swap widget for RMRK nfts
--A replicable collection indexer which is installable on any machine locally and only indexes the desired collections, for building project-specific markets
--A MV smart-city in Kanaria Skybreach - with equippable buildings and roads
--Anything from docs usecases (https://docs.rmrk.app/usecases)
-
-## Links, sources
-https://www.rmrk.app/

Main_Challenges/Unit/Challenge.md

@@ -1,130 +0,0 @@
-# Unit Challenge for Polkadot Metaverse Championship
-
-## Unit Network - Collaboration Track Challenges
-
-Participants may choose any one of the three challenges below to complete in a 24hr period. 
-
-Each challenge relates to a combination and/or extension of existing Substate palettes.
-
-An emphasis is to provide the freedom and incentive for each participant to produce something useful related to any of the three options below. As such these are generic overviews to explain the desired application of each palette. 
-
-Participants will be judged on the novelty, simplicity and security of their solutions. Please chose only one from the challenges below. 
-
-## 1. Badges Module
-
-### Challenge 
-
-Create the simplest and most secure Badges Module in 24hrs. The three essential components are:
-
-- Non-transferrable once received from the creator
--¢ Can be set to expire within a specified timeframe
--¢ Can be batch transferred to selected account / wallets
-
-Note: Any additional parameters that enhance the usability and feature set of the Badges Module will also be considered favourably by the judges.
-
-
-### Overview 
-
-The Badges Module provides functionality for asset management of ‘conditional’ fungible asset classes akin to Proof of Attendance Protocol tokens (POAPs) and Soulbound Tokens (SBTs) including:
-
--¢ Asset Issuance
--¢ Asset Transfer (limited to a single transfer, can be batch transferred)
--¢ Asset Expiry (set by creator but not required)
--¢ Asset Destruction (if received but unwanted)
-
-
-### Terminology
-
-- Asset Issuance: The creation of a new asset instance
-- Asset Transfer: The action of transferring an asset instance from one account to another
-- Asset Burning: The destruction of an asset instance
-- Fungible Asset: An asset whose units are interchangeable 
-- Conditional Fungible Asset: An asset whose units are interchangeable but have conditions set by the creator to specify functionality
-
-
-### Goals
-
-The badges system in Substrate is designed to make the following possible:
-
-- Issue a conditional asset to it’s creators account
-- Move asset to another account (one time) non-transferable after being received 
-- Optionality to set an expiry date of the asset after which it is burned and removed from the total supply. 
-- Remove an accounts balance of an asset when requested by the asset creator and update the assets total supply.
-
-
-### Usage
-
-The following example shows how to use the Badges Module in your runtime by exposing public functions to:
-
--  Issue a new conditional fungible asset set for a badge distribution event (airdrop)
--  Query the conditional fungible asset holding balance of an account
--  Query the total supply of a fungible asset that has been issued
-
-
-### Use-cases
-
-Similar to SBTs and POAPs, the Badges Module may be used to:
-
--  Issue non-transferrable certificates (badges) to graduates of a course or program (Additionally with an option for the badges to expire, requiring the graduates to do a course refresher or to earn a new valid / current badge.)
-
-- Issue non-transferrable proof-of-attendance at an event 
-
-- Issue a non-transferrable proof-of-participation / position in a community, team or initiative
-
-- Issue a non-transferrable ticket to access to an event 
-
-
-## 2. Subscription Module
-
-###Challenge
-
-Create the simplest and most secure Subscription Module in 24hrs. The three essential components are:
-
--  Allow authorisation of a recurring fungible asset debit, signed in a single transaction based on a time period set by subscription creator
--  Subscription can be cancelled on either side, by the user wallet or subscription creator
--  Query the success of each recurring asset transfer with a clear output value 
-
-Note: Any additional parameters that enhance the usability and feature set of the Subscription module will also be considered favourably by the judges.
-
-### Overview
-
-The subscription module provides functionality to create an automated recurring asset debit from authorised wallets for a set period of time, or until cancelled by the wallet owner or subscription creator including:
-
--  Subscription Creation
--  Subscription Details
--  Subscription Plan
--  Subscription Start Date
--  Subscription Expiry Date
--  Subscription Amount
--  Subscription Period 
--  Subscription Period Description
--  Subscription Unique
--  Subscription Cancellation
-
-### Terminology
-
--  Subscription Creation: The creation of a new subscription instance
--  Subscription Details: Holds the details of the subscription instance
--  Subscription Plan: Type of subscription plan
--  Subscription Start Date: (Optional) Date that the user will first be billed. (will default to the day the subscription is created if no startDate is specified)
--  Subscription Expiry Date: (Optional) Date the last payment is processed
--  Subscription Amount: Value in defined asset that the user pays at specified frequency
--  Subscription Period: How often the user will be billed
--  Scheduled Asset Transfer: The Automated Direct debit of assets from an authorised user wallet to a wallet defined by the subscription creator
--  Subscription Unique: This value allows a single account to have more than one subscription
--  Subscription Cancellation: Can be cancelled by either user wallet or subscription creator
-
-### Goals
-
-The Subscription module in Substrate is designed to make the following possible:
-
--  Create a recurring debit contract between user wallets and a subscription creator
--  Define subscription parameters 
--  Query the success of each recurring asset transfer with a clear output value 
-
-
-### Use-cases
-
--  Create an automatic, token powered paywall to manage access to content or communities
-
--  Create a community / patron subscription model

Prequalification_Challenges/business_dev/README.md

@@ -0,0 +1,24 @@
+## Web3 Business Plan - Exactly.
+
+You will get the flag after successfully submitting a Web3 project business plan of a deeply technical project. Maximum 5 pages and better to include a topology!
+
+Requirements to be included in the .pdf document to pass:
+
+1. The idea needs to be focusing on web3/blockchain technology.
+2. Executive summary: What is being solved here, why do you initiate the web3 business?
+3. Product description and explanation of the solution with technical terms
+4. Team, roles and responsibilites
+5. Financial planning for the first year (with strong focus on what products, services will bring income to the project)
+6. Roadmap to your self-sustaining project (with strong focus on revenue calculations)
+
+Remember to keep asking yourself: how will this project make money?
+
+We recommend to create a plan for something you want to build during the hackathon. If you already have a team in your mind, you can submit the same plan together, but we will put a way harder scoring on you, as you are not doing that alone.
+
+You should be able to solve this challenge in a maximum of 5-8 hours, as we are not requesting a full detailed business plan. It is enough if we see that you understand why/how a project can succeed and stay alive on the market. If you need some help, here is a complete guide: https://www.youtube.com/watch?v=xLH-lNChzI4
+
+Send your ready web3 business plan to contact@cryptoctf.org and you get feedback after we have reviewed it. The flag will be sent as an answer mail.
+
+_Keccak256: 0xcbea517b9d896ea084e2978588dd17073adf2eaf2a5a01b8b9123ceb990c38d4_
+
+_Challenge author: six_

Prequalification_Challenges/entropy/README.md

@@ -0,0 +1,15 @@
+## Entropy with Shannon
+
+What is the Shannon Entropy of "Web3Mantra" after turning it into Base64, then to consecutive Hex (no space or any delimiters)? To generate the flag, insert the value with exactly 17 digits after the decimal point, for example: PC{4.325817531314781}
+
+Steps: Base64 -> Hex (None delimiters) -> Shannon entropy up to 17 digits
+
+If you have solved this challenge, please send your code along with the registration.
+
+Reference: https://en.wikipedia.org/wiki/Entropy_(information_theory)
+
+Hint: The Cyber Chef is your friend.
+
+_Keccak256: 0x706fe2c39293c81a414eba40ba10c73a74fbbf1db135976f09eb886c1f25c308_
+
+_Challenge author: six_

Prequalification_Challenges/entry_solidity/README.md

@@ -0,0 +1,7 @@
+## You can figure it out - Entry Solidity challenge
+
+Find the flag in the smart contract. Easy.
+
+_Keccak256: 0x536735665ea9e6c2fe9a103cc8b2a32dcfa1f3c68974a2710425ecb71cc32af3_
+
+_Challenge author: six_

Prequalification_Challenges/entry_solidity/easy.sol

@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+contract PolkadotCTF {
+    address public winner;
+
+    event FlagCaptured(address indexed player);
+
+    // Encoded parts of the flag as byte arrays
+    bytes private part1 = hex"50437b497354686973";
+    bytes private part2 = hex"546865466c61674f72";
+    bytes private part3 = hex"644e6f747d";
+
+    // Function to decode the parts and get the full flag
+    function decodeFlag() public view returns (string memory) {
+        return string(abi.encodePacked(part1, part2, part3));
+    }
+
+    // Function to capture the flag
+    function captureFlag(string memory _solution) public {
+        string memory decodedFlag = decodeFlag();
+        require(keccak256(abi.encodePacked(_solution)) == keccak256(abi.encodePacked(decodedFlag)), "Incorrect solution");
+        winner = msg.sender;
+        emit FlagCaptured(msg.sender);
+    }
+
+    // Function to get the flag
+    function getFlag() public view returns (string memory) {
+        require(msg.sender == winner, "You are not the winner");
+        return decodeFlag();
+    }
+}

Prequalification_Challenges/hidden_in_rust/README.md

@@ -0,0 +1,7 @@
+## Get rusty from this old challenge
+
+Yes, I know that you know... if you have played CTFs before this is a nobr4in3r. Otherwise just look at the binary. Now you know why this challenge is rusty?
+
+_Keccak256: 0x16933d9797b98f43d30b30fd198c53b1ba3372f6a5d6a11faf08fa6d06e8b208_
+
+_Challenge author: six_

Prequalification_Challenges/ink/README.md

@@ -1,16 +0,0 @@
-## search&ink! challenge
-
-This challenge has four requirements to pass:
-
-1. Map the services behind 45.77.137.182 and a way to connect (Alice helps!)
-2. Find the flag on-chain! Format as in other challenges PMC{...}
-3. Deploy the flipper ink! smart contract from your player DOT address (the one you use in the prequalifer registration form) on 45.77.137.182
-4. Automate the coin clip function call and share the code through the registration form.
-
-This challenge requires you to have a basic understanding of Substrate and ink! smart contracts.
-
-Please make sure to upload your solution through the form when you submit it - a text file is enough with a short explanation.
-
-_Keccak256: 0x82703a464305aad655e2eb617f31e6e57b7e959bf8528f1d3b5968cc02ed60ac_
-
-_Challenge author: six_

Prequalification_Challenges/kusamaverse/README.md

@@ -1,10 +0,0 @@
-## Kusamaverse challenge
-
-This is a very simple challenge. Just find the Metaverse Championship space in the Kusamaverse and you will know what to do from there.
-[Kusamaverse Link](https://kusama.momentum.xyz/)
-
-You don't need to share any code or text for this challenge, just share share the flag.
-
-_Keccak256: 0x896c90f019d0aaa7977ce81c7d7299b1b43d302295f2d567509ab7e3060a797f_
-
-_Challenge author: six_

Prequalification_Challenges/rust/Cargo.toml

@@ -1,14 +0,0 @@
-[package]
-name = "pmc"
-version = "0.1.0"
-edition = "2021"
-
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
-[dependencies]
-base64 = "0.13.0"
-rand = "0.8"
-num-bigint = { version = "0.4", features = ["rand"] }
-byte_string = "1.0.0"
-num = "0.4.0"
-num-primes = "0.3.0"

Prequalification_Challenges/rust/Makefile

@@ -1,26 +0,0 @@
-prog :=pmc
-
-debug ?=
-
-$(info debug is $(debug))
-
-ifdef debug
-  release :=
-  target :=debug
-  extension :=debug
-else
-  release :=--release
-  target :=release
-  extension :=
-endif
-
-build:
-	cargo build $(release)
-	#strip -s ./target/release/$(prog)
-	#strip --strip-unneeded -R .note -R .comment -R .gnu.version -R .note.ABI-tag ./target/release/$(prog)
-	cp ./src/flag.txt ./target/release/
-	cp ./src/p.txt ./target/release/
-	cp ./src/q.txt ./target/release/
-
-help:
-	@echo "usage: make $(prog) [debug=1]"

Prequalification_Challenges/rust/README.md

@@ -1,13 +0,0 @@
-## Cryptography challenge (Rust)
-
-You are given the output of one cryptography system and the code that generates the output, the problem is we do not have access to the 3 files the code uses!
-
-The first one is the flag.txt and the others are two files that have random prime numbers P and Q!
-
-Can you help us decrypting the output and get the flag?
-
-This challenge requires you to have cryptography and coding skills. Any language is accepted to get the solution. Please make sure to upload your solution through the form when you submit it.
-
-_Keccak256: 0x42ce6fca873fe4dc4ce4d9accdb53e02fdb497ffa6b30f421cea36c81d8ea289_
-
-_Challenge author: Rooney and Factoreal_

Prequalification_Challenges/rust/hint.py

@@ -1,30 +0,0 @@
-#!/usr/bin/env python3
-
-from math import lcm
-from gensafeprime import *
-from Crypto.Util.number import *
-from flag import flag
-
-def keygen(nbit):
-	p, q = [generate(nbit) for _ in '01']
-	n, e, phi = p * q, 65537, lcm(p - 1, q - 1)
-	d = inverse(e, phi)
-	return n, e, d
-
-def encrypt(n, e, d, m):
-	c1 = pow(n + 1, d >> 3, n ** 2)
-	c2 = pow(m, e, n)
-	return (c1, c2)
-
-flag = bytes_to_long(flag)
-print (flag)
-n, e, d = keygen(512)
-c1, c2 = encrypt(n, e, d, flag)
-
-print(f'n = {n}')
-print(f'c1 = {c1}')
-print(f'c2 = {c2}')
-
-#validity = '[OK]' if (c1 - 1) % n == 0 else '[Not OK!]'
-#d3 = (c1 - 1) // n 
-#....

Prequalification_Challenges/rust/output.txt

@@ -1,3 +0,0 @@
-n = 149611115935957861847433086030752568567261984621907082786040721407247152663716327519502231379009349403555478392331033952810164148573046688871056752042985601125672198741962270290757469688983708043363147130089304518146209920862956021757294842740478378766019286017585191433945507772906003202456007271670509560001
-c1 = 11740426501805700850493692315559578006370589284427206683940757663851146928230684257857117868496707849557168733347824952878380002709870656084949136086910227474133572170435190357845596727976524907841665784086757438386127200855803916010658428188870224409869769764930590879768926281176340935298646735957803036584600929550783080264478281164795674968941326608349176841871873099501077633763111936830560662765218747733834005879942262007725665002064520328109065794417151034621508526996605515243332144564900123239641752620534071998915306976614235709910119552618406674682923068789777245990088973508240448060554699343918041672
-c2 = 143776697087614888263290942500784196016072840323599778499088161935967819360208875932978673848883138508459204320371154339262196712020509264705583964011692527986711085787805336007197757175874259405887701369759903484733471121241423255620536627876637530300427365389368282535238625160577144155748657877913834928967

Prequalification_Challenges/rust/src/main.rs

@@ -1,102 +0,0 @@
-use std::fs;
-extern crate num_bigint;
-extern crate rand;
-extern crate byte_string;
-extern crate num_primes;
-use num_bigint::{BigInt};
-//use num_primes::Generator;
-
-extern crate num;
-use num::Integer;
-use num::One;
-use num::Zero;
-use std::convert::TryInto;
-
-fn pow(n: BigInt, exp: BigInt) -> BigInt {
-    n.pow(exp.try_into().expect("exponent too large for pow()"))
-}
-
-fn modinv(n: &BigInt, p: &BigInt) -> BigInt {
-    if p.is_one() { return BigInt::one() }
-
-    let (mut a, mut m, mut x, mut inv) = (n.clone(), p.clone(), BigInt::zero(), BigInt::one());
-
-    while a > BigInt::one() {
-        let (div, rem) = a.div_rem(&m);
-        inv -= div * &x;
-        a = rem;
-        std::mem::swap(&mut a, &mut m);
-        std::mem::swap(&mut x, &mut inv);
-    }
- 
-    if inv < BigInt::zero() { inv += p }
-
-    inv
-}
-fn lcm(first: BigInt, second: BigInt) -> BigInt {
-    &first * &second / gcd(first, second)
-}
-
-fn gcd(first: BigInt, second: BigInt) -> BigInt {
-    let mut max = first;
-    let mut min = second;
-    if min > max {
-        let val = max;
-        max = min;
-        min = val;
-    }
-
-    loop {
-        let res = &max % &min;
-        if res ==  BigInt::parse_bytes(b"0", 2).unwrap(){
-            return min;
-        }
-
-        max = min;
-        min = res;
-    }
-}
-
-fn main() -> std::io::Result<()>{
-    let contents = fs::read_to_string("./flag.txt")
-        .expect("We lost the flag!");
-    let contents = contents.to_string();
-    let contents = contents.trim().to_string();
-    let mut binary_flag = "".to_string();
-    for character in contents.clone().bytes() {
-        binary_flag += &format!("{0:08b}", character);
-    }
-    let flag_int = BigInt::parse_bytes(binary_flag.as_bytes(), 2).unwrap();
-    // let p: BigInt = rng.sample(RandomBits::new(512));
-    // let q: BigInt = rng.sample(RandomBits::new(512));
-    let p_ = fs::read_to_string("./p.txt")
-        .expect("We lost the p number! You can create p.txt with a large prime P");
-    let p_ = p_.to_string();
-    let p_ = p_.trim().to_string();
-    let p = BigInt::parse_bytes(p_.as_bytes(), 10).unwrap();
-    
-    let q_ = fs::read_to_string("./q.txt")
-        .expect("We lost the q number! You can create q.txt with a large prime Q");
-    let q_ = q_.to_string();
-    let q_ = q_.trim().to_string();
-    let q = BigInt::parse_bytes(q_.as_bytes(), 10).unwrap();
-    
-    let n: BigInt = &p * &q;
-    println!("n = {}", &n);
-    let one: BigInt =  BigInt::parse_bytes(b"1", 2).unwrap();
-    let one_: BigInt =  BigInt::parse_bytes(b"1", 2).unwrap();
-
-    let e: BigInt = BigInt::parse_bytes(b"65537", 10).unwrap();
-    let phi = lcm(&p - &one, &q - &one);
-    let d: BigInt = modinv(&e, &phi);
-    let n_1: BigInt = &n + one; 
-    let eight: BigInt = BigInt::parse_bytes(b"1000", 2).unwrap();
-    let pow_n_2: BigInt = &n * &n; 
-    let d_8: BigInt = &d /&eight; 
-    let c1: BigInt = n_1.modpow(&d_8, &pow_n_2);
-    let c2: BigInt = flag_int.modpow(&e, &n);
-    println!("c1 = {}", &c1);
-    println!("c2 = {}", &c2);
-
-    Ok(())
-}

Prequalification_Challenges/solidity/README.md

@@ -1,9 +0,0 @@
-## Dan's storage is not private - Solidity challenge
-
-The story goes like... your friend Dan from crypto Telegram requested you to audit this small smart contract. You need to prove that it is easy to steal the flag and show "private" is not private.
-
-Figure out the flag by using the Solidity smart contract provided. The goal is to correctly follow the assemble logic of the concat in is_it_on_chain().
-
-_Keccak256: 0x81b1ff6939fedd672ddac358a41abb7192ae1f0660a3b1cbf92ef2c82119612b_
-
-_Challenge author: six_

Prequalification_Challenges/solidity/storage.sol

@@ -1,66 +0,0 @@
-// SPDX-License-Identifier: GPL-3.0-or-later
-pragma solidity ^0.8.17;
-import "@openzeppelin/contracts/utils/Strings.sol";
-
-/// @title On-chain storage to save a precious memory of you life
-/// @author Challenge inspired by CCTF, coded by six
-/// @notice The flag should return when the data is on-chain.
-contract PMC_Sol_Challenge {
-    // Declare everything needed in the contract
-    address private admin = 0x5B38Da6a701c568545dCfcB03FcB875f56beddC4;
-    uint160 door = 0;
-    event contractStart(address indexed _admin);
-    uint256 public pin;
-    string private start;
-    string private data;
-    string private end;
-    string private flag;
-    string private result;
-    bytes32 private data_store;
-    uint private data_set;
-    string private ds_to_Str;
-
-    // O, that is nasty!
-    constructor(address O) payable {
-        emit contractStart(admin);
-        admin = 0==0?O:0x0000000000000000000000000000000000000000;
-        pin = block.number + block.timestamp;  // "Random" pin
-        start = "PMC{";
-        data_set = 0;
-        end = ".NiceTry}";
-    }
-
-    /// @notice Mod
-    function callAddMod() public pure returns(uint){
-       return addmod(4, 5, 3);
-    }
-
-    /// @notice Only the central admin should be able to store his life memory in bytes32.
-    function store_me_on_chain(bytes32 _data) public returns (string memory) {
-        require(msg.sender == admin, 'Not admin');
-        data_store = _data;
-        data_set = asmbl();
-        ds_to_Str = Strings.toString(data_set);
-        return data = string("den_who_is_dan_");
-    }
-
-    /// @notice Generate number
-    function asmbl() public view returns (uint8 b) {
-        assembly {
-            let c := add(27, 16)
-            mstore(0x80, c)
-            { let d := add(sload(c), 255) b := d }
-            b := add(b, c) }
-        }
-
-    /// @notice The admin wants to check the data is on chain and return the flag if is!
-    function is_it_on_chain(uint256 _pin) external returns (string memory) {
-        require(msg.sender == admin, 'Not admin');
-        require(pin == _pin, 'Wrong pin');
-        require(data_set > 1, 'Nothing in the on-chain storage');
-        flag = string.concat(start,data,ds_to_Str,end);
-        return flag;
-        }
-
-    fallback() external {}
-}

Prequalification_Challenges/wss/README.md

@@ -1,11 +0,0 @@
-## Fibonacci WSS challenge
-
-Connect to the WSS service and solve the challenge presented: 45.77.137.182:3333
-
-This challenge requires you to have basic problem solving and coding skills. Any language is accepted for get the solution. Please make sure to upload your solution through the form when you submit it.
-
-You need to send the sequence one by one.
-
-_Keccak256: 0x2f2d4bb11521956c486925241ffcca0cbf7b79bbd9be8eafaeb4fab95713b12d_
-
-_Challenge author: Natoshi Sakamoto_

README.md

@@ -1,104 +1,56 @@
-# Polkadot Metaverse Championship - Challenges
+# Polkadot Championship 2024 - Challenges & Dev Qualification & Judging
 
-The [Polkadot Metaverse Championship (PMC)](https://metaversechampionship.gg/) is an open web3/cryptocurrency contest consisting of a qualification phase and a main event.
+The [Polkadot Championship](https://polkadotchampionship.org/) is an open web3/cryptocurrency contest consisting of a qualification phase and a main event.
 
-# Qualification
+# Developer Qualification
 
-To qualify, you must solve at least 3 challenges from the 5 provided in this repository.
+To be able to register and qualify, you must solve at least 2 challenges from the 4 provided in this repository. Please, see the Prequalification_Challenges folder for details.
 
 ### The process
 
 Each challenge has its own subfolder in the "Prequalification_Challenges" folder, wherein it is described.
 
-The format of a solution is an ASCII string of the form __PMC{...}__, like PMC{#\This_Could_be_Flagz/#}. A correct solution is also called a flag. What you are looking for in each challenge is to generate the string between PMC{......}.
+The format of a solution is an ASCII string of the form __PC{...}__, like PC{#\This_Could_be_Flagz/#}. A correct solution is also called a flag. What you are looking for in each challenge is to generate the string between PC{......}.
 
-[Submit your solutions in this web form](https://www.cognitoforms.com/UnconditionalPeace/PolkadotMetaverseChampionshipPrequalification) to ask for an invitation.
+[Register and submit your prequalification solutions in this web form](https://www.cognitoforms.com/unconditionalpeace/polkadotchampionship2024prequalification) to ask for an invitation.
 
 (If you've played Capture The Flag (CTF) games before, this process should be familiar to you.)
 
 ### Offline flag verification
 
-You can verify the correctness of your solutions before submitting the form. The flags have the following respective Keccak-256 hash values:
-
-```
-kusamaverse - 0x896c90f019d0aaa7977ce81c7d7299b1b43d302295f2d567509ab7e3060a797f
-wss - 0x2f2d4bb11521956c486925241ffcca0cbf7b79bbd9be8eafaeb4fab95713b12d
-solidity - 0x81b1ff6939fedd672ddac358a41abb7192ae1f0660a3b1cbf92ef2c82119612b
-ink - 0x82703a464305aad655e2eb617f31e6e57b7e959bf8528f1d3b5968cc02ed60ac
-rust - 0x42ce6fca873fe4dc4ce4d9accdb53e02fdb497ffa6b30f421cea36c81d8ea289
-```
+You can verify the correctness of your solutions before submitting the form. The hash value of each pre-qualification challenge can be found in its respective folder.
 
 To calculate the Keccak-256 hash of a string, you can, for example, install `keccak256-cli` using `cargo`, and then use the `keccak256` command like so:
 ```
-echo 'PMC{This_Could_be_a_Flag.!}'|keccak256
-0x6104a5489b671452684fee77579df24e6f2441d1f8a832c7366cf2cfc5194935
+echo 'PC{This_Could_be_a_Flag.!}'|keccak256
+0x6bf974d9d12f97a607e57cbd843770ec06a564dbb557645dbb8e9d8f48ef2cec
 ```
 
 ## List of prequalification challenges
 
-__WSS challenge__: you need to play with a websocket connection and get the flag from the service. It is called Fibonacci.
-
-__Solidity challenge__: a security audit might reveal what the developers think is private might actually not be.
-
-__Rust challenge__: work with RSA cryptography and math. The correct math will return you the flag.
-
-__ink! challenge__: you need to get the flag from an already running Substrate node or find "another" way. Make sure to web2 scan everything.
-
-__Kusamaverse challenge__: find the flag in Kusamaverse - this one is very easy, but important for the main event.
-
-### Design for fame
-
-By the way, you can compound your solutions with an optional 3D design of your own, in the web form. We'll add each such design to the Hall of Fame, where all the successfully qualified players get listed.
+Easy - Entry Solidity
+Medium - Hidden in Rust
+Medium - Entropy
+Hard - Business Dev
 
 # Main event
 
-The main event consists of a 3-day hackathon where projects can be conceptualized and implemented, and also of more challenge-solving in parallel.
+The main event consists of a 2-day hackathon where projects can be finalized. You can start before the main event and form teams too!
 
-At first, teams should be formed by qualified players.
+Your final project needs to be conceived during the main event. Mentors and workshops will help you make it happen.
 
-The main event's challenges will be disclosed on 2022-12-06 at 10:00:00 CET. The teams will need to solve at least one from each challenge track, in 24 hours.
+[Link to Track Challenges](https://git.hsbp.org/Web3_Championship/Polkadot_Championship_Challenges/src/branch/master/Main_Challenges.md)
 
-Note: You can already prepare libraries and some code before the hackathon, but the final project needs to be conceived during the main event.
+Playing teams will need to choose one challenge as their main one. Additionally, they need to choose one from the other tracks and create a proposal for solving them. You can already see good examples from last year's hackathon.
 
-### Challenges for the main event
+Overall, two things need to be delivered by the teams on morning of the 3rd day: the main challenge solution, a proposal document for the second challenge.
 
-The details of the main challenges will be shared on 2022 December 6th 10:00 CET. The teams formed before will need to solve at least one from each track, in 24 hours: one of them should be the team's main delivery and the two other are in proposal form. You can already prepare libraries and some code before the hackathon, but the final ideation and project needs to come out during the main event.
-
-Outline:
-
-#### Track 1 - Collaboration
-
-Challenge 1 - Momentum's Kusamaverse related
-
-Challenge 2 - Pallet in 24 hours - Requirements specified by Unit Network
-
-#### Track 2 - Privacy and Security
-
-Challenge 1 - Decentralizing Secureground - CCTF project related
-
-Challenge 2 - Privacy and hacking research related
-
-#### Track 3 - GameFi and NFT
-
-Challenge 1 - RMRK project related
-
-Challenge 2 - KILT related
-
-#### Track J - Only for judges and mentors!
-
-This track is an optional one for the judges and mentors. They are in their position for a good reason, so will they show-off their 1337 coding skills? What would they do in 24 hours while the players are competing? ... We will see :)
-
-
-### Choosing challenges and deliveries
-
-Playing teams will need to choose one challenge as their main one. Additionally, they need to choose at least one from the other tracks and create a proposal for improving the projects.
-
-Overall, three things need to be delivered by the teams: the main challenge solution, a proposal for the second challenge, and a proposal for the third challenge.
-
-The teams need to initialize a git project on https://git.hsbp.org/ or https://github.com/ when the 24 hours start and commit all their development there. Commits after the finish of the end of the 24 hours won't be accepted.
+The teams need to initialize a git project latest on the 2nd day of the hackathon, on https://git.hsbp.org/ or https://github.com/ (which is shamefully owned by Microsoft) and commit all their development there. Commits after the end of the 24 hours DEADLINE MODE ON won't be accepted.
 
 ### Judging criteria
 
+You need to present your project after the end of the 24 hour DEADLINE MODE ON period. We'll need your project name, team members, which ecosystem team you submit for and the pdf persentation. You'll have 10 minutes to explain your project and 5 minutes for Q&A.
+
 Judges will score each team's project based on the following criteria:
 
 - Idea, ecosystem fit
@@ -112,7 +64,7 @@ Judges will score each team's project based on the following criteria:
     - How well-written is the code?
     - Note: the code does not need to be long, but working and should be written during the hackathon.
     - Libs/StackOverflow/etc parts are fine, but there needs to be original code.
-- Sustainability
+- Viability and sustainability
     - If the presented project would get funding, would it be sustainable in the long run?
     - Would anyone keep this project running, would it be interesting enough for the community/users?
 - Practicality
@@ -120,18 +72,15 @@ Judges will score each team's project based on the following criteria:
     - Note: the proof of concept doesn't need to be like that, but knowing that future improvements would make the project practical is important.
 - Security Model
     - How is the project protected against threats and abuse?
-- Second and Third challenge proposal
-    - Did the team present a realistic idea for the two other tracks?
-    - Note: don't spend more than an hour as a team on this, but make sure to do it. 5/5 is the maximum score per proposal.
+- Second challenge proposal
+    - Did the team present a realistic idea for the other track?
+    - Note: don't spend more than an hour as a team on this, but make sure to do it. 5/5 is the maximum score for this proposal.
 
 Each criterion has a maximum score of 10 and the judges will decide individually how many scores they vote for the teams. The maximum score a team can get for their main project is 70. After the scores are finalized, they will be presented in the Hall of Fame smart contract.
-
-## Support and feedback for the prequalification
-
 We don't help with solving the challenges, but if something is unclear or you think you've found a bug, we are always open to hear from you.
 
 ## Contact
 
-You can contact us anytime though our email address contact@metaversechampionship.gg or you can talk to __six__ through Matrix (@hexff:matrix.org).
+You can contact us anytime though our email address contact@cryptoctf.org or you can talk to __six__ through Matrix (@hexff:matrix.org).
 
-You can find all our communication channels, media content and PR postings through [our linkfree](https://linkfree.metaversechampionship.gg/).
+You can find all our communication channels, media content and PR postings through [our linkfree](https://link.polkadotchampionship.org/).