Remember this 210 LTC worth puzzle, posted by Charlie Lee? We have solved it :) Detail explanation inside how we did that!
May 10th Charlie Lee posted on Twitter new crypto puzzle challenge. It celebrated SegWit activation in Litecoin. Together with Zd3n they published an JPG picture with hidden 230 LTC in it to grab. The goal was simple: find the private key and be free to take all Litecoins :)
The whole idea of this puzzle belong to Zden Hlinka. He is a digital artist involved in computer graphics and video scenes. Grew up actively on underground demo scene in Europe and still does it for today. He did some of similar puzzles related to other cryptocurrencies also.
Just after announcement of crypto challenge, the official Telegram channel crowded full of people. For whole 2 weeks there were close to 400 members. I was amazed how these people cooperated together 24h/day to find the solution. People threw plenty of ideas trying their best to find the key. In the end we did it :) Just look how these ideas evolved to final path.
Someone said this can be Morse code. Grey are 1 values and Black are 0’s in the rings. Concatenated together they should give full 256 bit private key. People tried to reproduce the key going through rings clockwise, counter-clockwise, rotated etc. It all led to dead end. But what about the Ł thing in the centre?
28 Shades of Grey
The connections between rings and Ł graph thing popped like a mushrooms. There are 28 nodes in the graph - each of them in individual shade of gray. The circles on the rings have 28 shades too, same colors as nodes. There are 2 rings and 2 Ł border drawings also. Additionally every node and some of circles has I / O symbols drawn on itself. There are so many possible configurations it could work. At this step we didn’t even look at the strange arrows…
Promising idea came from Twitter user. The arrows if dragged from center of image are directing to circles on the rings! Researchers fastly count that there are 84 arrows which is divisible by 28. If we are in numbers, the I’s and O’s number is equal (14) too. That hint looked good at first sight, but nobody could draw any conclusions from this point of view.
If this is image-based puzzle, maybe there is something hidden in its data? Maybe we should take the problem as a computer forensic case. People agreed that Steghide tool found SVG file in it. Hidden structure was vector drawing of exactly same picture we got from author. Confusing part was why the embedded filename is “steganopayload2641.txt” and what that means. However there was small hint for us in the source code. SHA256 of correct answer! Good enough.
Open the gates
What if the 1/0 symbols at the nodes are in fact I - Input and O - output logic gates? Looking at the graph the “On” and “Off” states can determine how we move from one node to another. Someone said Litecoin in lazy thinking is de facto “Light coin”. Light? Bulbs? Yes, this can work, but what to do with these switches?
Another point of view
Some of people were looking at the graph in 3-dimension way. They argued the data of first layer can be related to first ring and so on for second. The arrows are defining paths between level-1 circle and level-2. Just another miss viewpoint..
Malbolge code?! What is this? If we extract hex values inside the Ł we achieve string ending with mysterious “[email protected]”. There is only one Google search result with this string and it leads to document written in weird programming language. The chat instantly took a note that could be a Malbolge code. I don’t know if this is true or just a myth but from Wikipedia the Malbolge code is language which is known to be extremely difficult to use. No man could ever in history write a single code in this language. People use special algorithms to write programs eg. genetic algorithms, Brainfuck etc.
The Malbolge code idea suits very well in this kind of puzzle. Sadly noone could ever translate it back to private key.
Binary in the wallet
Taking a look at litecoin wallet itself we can see suspicious transactions. Wallet was charged by 100 LTC, 10, LTC, 100, LTC and 1 LTC in this order. Can we treat them as binary code? 100 10 100 1 would be a nice hint for us. Still it is only a part of whole riddle. However Zden said the puzzle itself is standalone and “everything is in svg”.
Lightning network graph
Do You see the 5 dots under the graph? They exactly same as the dots in YouTube exaplaining Lightning Network video. People start to study the technical documents about LN technology. This document https://lightning.network/lightning-network-paper.pdf often appeared in the chat. I believe somebody learned something interesting from it. Considering whether it was the way to solve the puzzle or not.
On the other side, maybe it is just 5-dotted progressbar like we see at Linux Ubuntu startu-up..
Before hint #3 came from Zden we were brute forcing every possible way through found algorithm. Hint 3 made it a lot easier, because it gave us about 60% of solution. From now Ben ported his scripts to C++ and found few thousand possible private keys. Fortunately one of them opened the wallet and we got there.
So the steps of encryption algorithm we were brute forcing:
- For every bit of private key (circle on the rings):
- Get random node from graph with correct 1/0 symbol as out bit
- Rotate padding clockwise and follow the path (do this 4 times!)
- After 4 follows get color of landing node and paint with it our starting circle
- Repeat above 256 times
Ben posted his scripts with instructions here https://github.com/Cybourgeoisie/LTCStegCode
- Author invented this puzzle while bathing and abandon first idea of much harder puzzle than this, however based on same algorithm
- The private key holds 16x16 bitmap Litecoin logo
- We weren’t be able to calculate sha256 hash of answer. The hash gave as hint by Zden is e5dc56d2d30a8f7a0f135e0d2588d24b5ff960f964939375434611b26be24c5d. We still don’t know if this is hash of original bits, in which form - string, hexadecimal, decimal? Maybe it is hash of private key WIF format? Nothing of that matches. Still a puzzle for me :)
- Encryption process video by Zden: