Polkadot_Championship_Chall.../Main_Challenges/CCTF/Challenge.md

1.0 KiB

CCTF Challenge for Polkadot Metaverse Championship

Description

CCTF is a Capture the Flag (CTF) game. CTF in computer security is an exercise in which 'flags' are secretly hidden in purposefully-vulnerable programs or websites. Competitors steal flags either from other competitors (attack/defense-style CTFs) or from the organizers (jeopardy-style challenges).

From CCTF volume 9, we have started to use a decentralized system: Solidity smart contract deployed and players send signed messages. Flags became private keys. We replaced CTFd to our smart contract, but it needs improvements.

Task

Improve the CCTF smart contract. You can improve the flag submission (eg. fix the hidden vuln from the last game), add features or create a frontend. Be creative, make something useful.

Solidity smart contract deployed address is 0x36a1424da63a50627863d8f65c0669da7347814a - find on Polygon network.

Website: https://cryptoctf.org/

Blog the ECDSA forgery: https://cryptoctf.org/2022/09/11/writeup-of-flag-submission-forgery-by-si/