We created the Hacker Challenge program to allow haters and opponents to do due diligence around the technologies that power the DeTEE platform. Hence we open sourced everything and allowed everybody to join without any limits.
Read carefully
Hacker Challenge is licensed under GPLv2. To participate in the Hacker Challenge, you must agree to the following:
The idea of the bounty program is fairly simple. Hack our wallet to earn the DeTEE prize! Wallet keys are secured inside every node of the Hacker Challenge cluster. You can easily run a node yourself. Otherwise, no limitations.
Wallet Address is AVV4yXTCbTYdJjzM5BniSchFby3mMeJ9JLAGFNubXm8h.
Because the wallet has permission to mint DTHC tokens, you can deploy a node and request it to send some tokens to your Solana account.
Token Address is A6HtJwfUbRiPoqVBQY611avQS4byHP4BZXHHBCMD4eFp.
This is a collective prize of $1380 in SOL and other meme coins + $13,000 in tokens.
Steps that you need to do to run the Hacker Challenge node.
Server requirements: you need a server with an Intel processor that supports SGX, or you can rent a VM; for options see RedSwitches or Hetzner. You may also have a compliant processor in your laptop or desktop, check here. A public IP is not required to participate.
Server preparation is quite simple. Make sure you have installed and are running a kernel above v5.13 to get the built-in SGX DCAP driver. Also make sure that SGX is enabled in the BIOS. The final step is to add the symlinks for the SGX devices:
# Check if sgx is enabled
cpuid | grep -i sgx
# Add symlinks for the sgx devices
sudo mkdir -p /dev/sgx
sudo ln -sf ../sgx_enclave /dev/sgx/enclave
sudo ln -sf ../sgx_provision /dev/sgx/provision
Advanced installation is needed if you want to work with trusted execution environments on your server directly, rather than through Docker as in the simple installation. Follow this tutorial to install the SGX SDK manually. To simplify the process, we have created the following cheatsheet:
https://docs.detee.ltd/docs/hackers/prerequisites
Hacker challenge works as a cluster that anybody can join. To join a cluster, all you need is to run the DeTEE Hacker Challenge Node (sometimes we also call it DTHC). DTHC is a docker image that you can start using:
docker run --device /dev/sgx/enclave --device /dev/sgx/provision \
-v /tmp/dthc:/challenge/main -p 80:31372 -p 31373:31373 -d \
--env INIT_NODES="212.95.45.139 46.165.199.12 184.107.183.210" \
--name dthc detee/hacker-challenge:latest
After your node has started, feel free to start exploring logs:
docker logs -f dthc
- the Docker --device flags give the node access to the SGX functionality
- INIT_NODES are the real IP addresses of currently running nodes that host the key
- in /tmp/dthc you will find the files with node metrics and Solana keys
- if your IP is public, expose port 31373 so that other nodes can connect to you
- call the node at http://localhost:80/mint?address=... to mint DTHC tokens
How to start attacking the Hacker Challenge.
The node that you can run is part of the DeTEE hacker-challenge, in other words a decentralized wallet that mints the DTHC Token. The private key of the mint authority was generated within the network. The challenge is easy: Hack the network to get the private key, and all the SOL is yours. We also offer other rewards, including:
The mint address of the token is: A6HtJwfUbRiPoqVBQY611avQS4byHP4BZXHHBCMD4eFp
The mint authority is: AVV4yXTCbTYdJjzM5BniSchFby3mMeJ9JLAGFNubXm8h
In order to mint, the mint authority will need some SOL. Before sending SOL, take into consideration that DeTEE REPRESENTATIVES DON'T KNOW HOW TO GET THE SOL OUT OF THE NETWORK!
You can make the following requests:
/nodes
<= information about hacker challenge nodes and activity
/mint?address=<address>
<= mints 1 DTHC to a given address
Technical architecture of the P2P engine behind the hacker challenge.
Hacker Challenge is a decentralized network of nodes. Each node in the network runs inside an enclave (1). Memory pages of programs within the enclave are encrypted outside the enclave. Programs within the enclave have access to sources of entropy that are also protected from outside interventions. Enclaves also have exclusive access to their unique secrets that they usually use to seal (2) data on disk. Each enclave in the cluster must have the same measurements (3), since it runs the same version of the code and configuration. A running program can generate a quote that can be used to verify the measurements and legitimacy of the hardware it's running on. Decentralized algorithms are simplified as you will see from the code, since every node in the cluster is inherently trusted.
Assuming there are no vulnerabilities in any of the mentioned hardware features, and our node implementation has none either, it should be practically impossible to steal the SOL from the network wallet because:
Hence when the new node joins the network, it connects to 3 peers using the RATLS handshake. The peers exchange their measurements and verify them. If the measurements are not in the whitelist, the peer will reject the connection. When the node is successfully connected, it receives the Solana wallet keypair and is able to mint the DTHC token.
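The allowlist step of the handshake described above, as an added example that is not the DeTEE node's own code: it reads MRENCLAVE, MRSIGNER, product id and SVN from the report body of a raw SGX DCAP quote and fails closed on a mismatch or a debug enclave. The function names, the exact-match policy and the sample values are assumptions; verifying the quote's signature chain and binding the quote to the TLS key are assumed to happen elsewhere.

```python
import struct

# Layout of an SGX ECDSA (DCAP) quote: 48-byte header, then the 384-byte report body.
HEADER_LEN, BODY_LEN = 48, 384
OFF_ATTR_FLAGS, OFF_MRENCLAVE, OFF_MRSIGNER, OFF_PROD_ID = 48, 64, 128, 256
SGX_FLAGS_DEBUG = 0x2  # a debug enclave's memory can be read by the host

def parse_measurements(quote: bytes) -> dict:
    """Extract the identity fields from the report body of a raw quote."""
    if len(quote) < HEADER_LEN + BODY_LEN:
        raise ValueError("quote too short to contain a report body")
    body = quote[HEADER_LEN:HEADER_LEN + BODY_LEN]
    flags, = struct.unpack_from("<Q", body, OFF_ATTR_FLAGS)
    prod_id, svn = struct.unpack_from("<HH", body, OFF_PROD_ID)  # ISV SVN follows prod id
    return {
        "mrenclave": body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32].hex(),
        "mrsigner": body[OFF_MRSIGNER:OFF_MRSIGNER + 32].hex(),
        "prod_id": prod_id,
        "svn": svn,
        "debug": bool(flags & SGX_FLAGS_DEBUG),
    }

def peer_allowed(quote: bytes, allowlist: set) -> tuple:
    """Return (accepted, reason). Fail closed on anything unexpected."""
    try:
        m = parse_measurements(quote)
    except ValueError as exc:
        return False, str(exc)
    if m["debug"]:
        return False, "debug enclave"
    key = (m["mrenclave"], m["mrsigner"], m["prod_id"], m["svn"])
    if key not in allowlist:
        return False, "measurements not in allowlist"
    return True, "ok"

def make_quote(mrenclave: bytes, mrsigner: bytes, prod_id=1, svn=1, flags=0x5) -> bytes:
    """Build a constructed quote (zeroed header, no signature) for the demo."""
    body = bytearray(BODY_LEN)
    struct.pack_into("<Q", body, OFF_ATTR_FLAGS, flags)
    body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32] = mrenclave
    body[OFF_MRSIGNER:OFF_MRSIGNER + 32] = mrsigner
    struct.pack_into("<HH", body, OFF_PROD_ID, prod_id, svn)
    return bytes(HEADER_LEN) + bytes(body)

# Constructed sample values, not the challenge's real measurements.
GOOD = make_quote(b"\xaa" * 32, b"\xbb" * 32)
ALLOWLIST = {("aa" * 32, "bb" * 32, 1, 1)}
if __name__ == "__main__":
    print(peer_allowed(GOOD, ALLOWLIST), peer_allowed(GOOD[:100], ALLOWLIST))
```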
1. The enclave is a program that operates in a trusted execution environment (TEE).
2. Sealing is a technique that the enclave uses to symmetrically encrypt and decrypt disk data to hide it from the host.
3. Enclave measurements are strings that uniquely identify the enclave and its configuration, like the hash of the enclave's binary, configuration, the signer public key, its version and product id.