Public Bundle Tampering Challenge

A real signed bundle is posted below.
Find a way to break our use of it.

We are not asking the public to break ChaCha20-Poly1305 or HMAC-SHA256. Those are well-vetted primitives we deliberately did not invent. We are asking you to find a way to tamper with the bundle, or with the workflow around it, such that our own verifier reports the result as fully trusted. That is the realistic and interesting attack surface, and it is the one a security review actually finds bugs in.

Download the Bundle Verify it Yourself See the Challenge
Published —
Key reveal —
Time remaining —
ChaCha20-Poly1305 AEAD
HMAC-SHA256 signature
What You Are Looking At
A real artifact from a real system
This bundle was produced by the same BRY-NFET-SX codebase running in the live demo. The secrets were generated fresh for this challenge and are used nowhere else in the project.
Encryption

ChaCha20-Poly1305

Messages are sealed with ChaCha20-Poly1305 authenticated encryption as provided by the Python cryptography library. No custom cipher. No new primitive. Standard AEAD.

Integrity

SHA-256 Manifest

Every file in the bundle is hashed with SHA-256. The hashes are bound together into a manifest that is stable, canonical, and independently verifiable without any secrets.

Authenticity

HMAC-SHA256 Signature

The manifest is signed with HMAC-SHA256 using a signer secret held only by the publisher. The signature includes a key fingerprint derived from the actual signer key material.

Download
The challenge bundle
Download individual files or the full zip. Everything here is safe to serve. Nothing here contains the master key.

Full bundle (zip)

All four files packaged into a single zip for one-click download. Checksum included below.

Download bundle zip

Individual files

Public challenge metadata

This file records the publish time, reveal time, envelope ID, signer key fingerprint, and the SHA-256 commitment to the reveal token. Download it alongside the bundle.

Download challenge-meta.json
Verify
What you can confirm today, with zero secrets
Everything below runs on your machine. You do not need to trust this page. You do not need the master key.

1. Fetch the bundle

mkdir -p bry-challenge && cd bry-challenge
for f in artifact.json metadata.json manifest.json signature.json; do
  curl -s -O https://secure.imagineqira.com/challenge/bundle/$f
done
curl -s -O https://secure.imagineqira.com/challenge/challenge-meta.json

2. Verify the manifest integrity

Recompute the SHA-256 of every file listed in the manifest and compare to the published hashes. If the hashes match, those files have not been modified since publication. manifest.json and signature.json are not listed in the manifest (the manifest cannot reference itself, and signature.json signs the manifest).

python3 - <<'EOF'
import hashlib, json
manifest = json.load(open("manifest.json"))
for entry in manifest["files"]:
    name = entry["name"]
    want = entry["sha256"]
    got = hashlib.sha256(open(name, "rb").read()).hexdigest()
    print(f"{name}: {'OK' if got == want else 'FAIL'}  {got[:16]}...")
EOF

3. Inspect the signature

The signer key fingerprint is published in challenge-meta.json. Confirm the signature file references the same fingerprint. Verification of the actual HMAC requires the signer secret, which is published at reveal time along with the master key.

python3 -c '
import json
sig = json.load(open("signature.json"))
meta = json.load(open("challenge-meta.json"))
print("signature fingerprint:", sig.get("key_fingerprint", "(none)"))
print("published fingerprint:", meta["signer_key_fingerprint"])
print("match:", sig.get("key_fingerprint") == meta["signer_key_fingerprint"])'

4. Full signature verification (once the signer secret is released)

After reveal, run the built-in bundle verification against the published signer secret. This confirms the manifest HMAC is valid.

uv run python -c '
from bry_nfet_sx.protocol.bundles import verify_bundle_dir
result = verify_bundle_dir(
    "./",
    signer_provider_mode="local",
    signer_secret="<published-signer-secret>",
    signer_key_version="challenge-v1",
)
import json; print(json.dumps(result, indent=2))'
The Challenge
Find a way to tamper with the bundle that our verifier accepts as trusted
One target. One question. A credible, reproducible result is a real finding and will be acknowledged publicly.

The actual ask

Modify any byte of the published bundle — artifact.json, metadata.json, manifest.json, signature.json, or any combination — in such a way that running verify_bundle_dir against the result reports overall_trusted: true, while the bundle is materially different from the one published here. Or find any other path through the BRY-NFET-SX bundle and storage layer that produces a falsely-trusted verdict on tampered content.

This is the realistic attack surface for any solo-built signed-bundle system. It is where actual bugs live: in the parser, the canonicalization, the path resolution, the metadata-consistency rules, the trust-aggregation logic. The published source is part of the in-scope material. So is anything you discover by reading it.

What we are not asking for, and why

We are not offering this as a challenge to break ChaCha20-Poly1305, HMAC-SHA256, or SHA-256. Those are well-vetted public primitives. Asking the public to break them would be a category error: it conflates "we picked a strong primitive" with "our system is strong," and it would invite the wrong kind of attention from the wrong kind of reader. We use those primitives because they have been analyzed for years by people more qualified than us. We are not asking you to attack them. We are asking you to attack our use of them.

If you do recover the plaintext through some path other than the published key release, that is interesting and we want to hear about it — but the framing of this page is bundle-level workflow attacks, not cryptanalysis.

Rules of Engagement
Scope and expectations
The challenge scope is the bundle. The website, live demo, and server are explicitly out of scope.

In scope

  • The four bundle files downloaded from this page
  • The challenge metadata file
  • The BRY-NFET-SX source code in the public review packet
  • Any analysis you perform locally on your own machine

Out of scope

  • Attacks against secure.imagineqira.com or its infrastructure
  • Attacks against the live demo application
  • Denial of service, brute force against the server, or scraping
  • Social engineering or attempts to obtain the key out of band

How to submit

Email bryanleonard@imagineqira.com with the subject line "Challenge Submission" and include:

  • A reproducible description of the tampering or workflow path
  • The modified bundle files, or the steps to produce them
  • The exact verifier output (verify_bundle_dir) showing overall_trusted: true on the tampered content

Credible findings will be acknowledged publicly on this page and in the security posture document, with attribution you approve.

Honest Caveats
What this challenge does and does not prove
Every security challenge needs an honest framing. Here is the one for this one.

What this does prove (if uncracked)

  • The BRY-NFET-SX bundle format is real, reproducible, and externally hashable
  • The workflow produces signed artifacts with verifiable trust semantics
  • The publisher is willing to put a real artifact and the source code in front of the public
  • The commit-reveal scheme prevents post-hoc plaintext substitution
  • No reviewer found a workflow flaw that fooled the verifier within the challenge window

What this does not prove

  • Anything about the strength of ChaCha20-Poly1305, HMAC-SHA256, or SHA-256 — those are public primitives, not this product, and we are not asking you to attack them
  • That the overall system is audited by a third party — it is not
  • That the bundle format is the only possible trust envelope — it is one design
  • That the product is production-ready for hostile multi-tenant use — it is not
  • That a longer or better-funded review would not find something — it might

Every file is public. Every hash is verifiable. Every byte is fair game.

The bundle is posted. The source is linked. The verifier is the target. See you in seven days.

Download the Bundle Live Demo Submit an Attempt
Page change log

2026-04-15 — rewrote the challenge framing

An earlier version of this page enumerated three challenges: (1) recover the plaintext, (2) forge an HMAC-SHA256 signature, (3) find a workflow flaw. After feedback that (1) and (2) were category errors — asking the public to break ChaCha20-Poly1305 or HMAC-SHA256 is asking for academic-grade cryptanalytic results, not security findings about this system — we removed both and kept only the workflow attack as the actual challenge. Bundling them next to the workflow attack created a false equivalence and would have read as crypto theater to any qualified reader. The honest framing is the one above: we use well-vetted primitives we are not asking you to break, and we are asking you to break our use of them. We are leaving this note in place rather than silently rewriting history.