Polkadot_Championship_Chall.../Main_Challenges/CCTF/Challenge.md

20 lines
1.0 KiB
Markdown

# CCTF Challenge for Polkadot Metaverse Championship
## Description
CCTF is a Capture the Flag (CTF) game. CTF in computer security is an exercise in which 'flags' are secretly hidden in purposefully-vulnerable programs or websites. Competitors steal flags either from other competitors (attack/defense-style CTFs) or from the organizers (jeopardy-style challenges).
From CCTF volume 9, we have started to use a decentralized system: Solidity smart contract deployed and players send signed messages. Flags became private keys. We replaced CTFd to our smart contract, but it needs improvements.
## Task
Improve the CCTF smart contract. You can improve the flag submission (eg. fix the hidden vuln from the last game), add features or create a frontend. Be creative, make something useful.
## Links, sources
Solidity smart contract deployed address is 0x36a1424da63a50627863d8f65c0669da7347814a - find on Polygon network.
Website: https://cryptoctf.org/
Blog the ECDSA forgery: https://cryptoctf.org/2022/09/11/writeup-of-flag-submission-forgery-by-si/