spacemandev

3 min read - Posted 17 Feb 19

Blockchain Cyber Security CTF Platform (ChainCTF)

Project Name

ChainCTF

Project Tagline/Description (140 Characters Max. Will be used on table card for judging)

A modular system for event organizers to deploy a full featured cyber security ctf featuring on and off chain exploits, leader boards, and a trading card game to teach the more conceptual vulnerabilities.

Team Members. First and Last Names

Dev Bharel, Daniel Fallon, Jordan Earls

Status.im ID for Each Team Member (we will use this to contact you and your team)

spacemandev

Detailed Project Description (no more than 3-4 sentences)

CTF Engine features Quest Packages, Quest Provisioning System, Scoring Engine, Asset Store, and a Meta Game. Quest Packages: A self contained template for multi-step exploit checks. Users can try to break the contract or submit zero knowledge flags for off chain steps (breaking into a lockbox, hacking a server, etc) then run the test contract to see if they achieved all the exploits in the contract.

Quest Provisioning System: QPS is an optional off chain deploy service that listens to Scoring Engine events to see when a user wants to start a given quest. An instance of that quest's vulnerable contracts are then deployed and locked so only that user can attack them. It uses Graph QL to listen to the events and pull and read quest package data.

Scoring Engine: An optional module that handles a leaderboard and the main interface to players to interact with. Also manages player's quest progressions and requests for a quest to be provisioned for them.

Asset Store: Optional module that awards Coins for completed quests that players can use to purchase Admin defined Cards from the store. These cards have specific stats that can be skinned to whatever narrative design you like and can be used for attack/defense meta game.

Meta Game: Optional module that focuses on two contracts: Blockchains.sol, and Mutators.sol. This is a specific meta game where enemy AI and players spawn and fight against each other blockchains. Blockchains have attributes and players can 'mine' their blockchain to gain more Coins and Points. They can also burn cards in Mutators.sol to carry out attacks or defend their chain. For example, a 51% attack that reduces the market value of an enemy blockchain might cost them 51% of Attack CPU cards as the target chain has total CPU power. This is used to teach more 'conceptual' vulnerabilities (actually breaking into and gaining control of that many nodes might be tedious work).

Describe your tech stack (e.g., protocols, languages, API’s, etc.)

Truffle & Eth for contract deployments Terraform, AWS, Ansible, GraphQL for Quest Provisioning System YAML for config

Track for which you’re submitting (Open or Impact)

Open

https://github.com/Brownie79/ethctf (README has further explanation)

Created with Sketch.Content is"CC-BY-SA 4.0" licensed
Article On-chain
0 Comments
Related Articles
Wel-fair

Project Name WelFair Project Tagline/Description (140 Characters Max. Will be used on table card for judging) Government task marketplace to top-up welfare benefits Team Members. First and Last Names Bernard Lin, Sean Oh, Siva Kannan, Ling Zhong Status.im ID for Each Team Member (we will use this to contact you and your team) https://get.status.im/user/0x04168ab2915aaf7d47d5e391414facc39354da41a8cb4a276cb88cfd0e2c02b9bebb856abffd62288b860ce773e5460d503d2ca983b51b4a43a7a37fdae281e050 https://get.

null
0x0d2c...f996

17 Feb 19

SPITL - Tipping multiple users with a single step

Project Name SPITL Project Tagline/Description (140 Characters Max. Will be used on table card for judging) The splitter smart contract allows a user to send a tip and split it to multiple people on a single transaction. Team Members. First and Last Names Cristian Espinoza, Dan Shields, Oscar Presidente, Robert Mudgett Status.im ID for Each Team Member (we will use this to contact you and your team) Cristian: 0x0445b62b27ebb3647cb201f84c1cde180b0378e90b68359f17f9c61a97f1754109e77af796a93d3d89a8b