🏗️ Reorganize files

Author: cairoeth

.github/workflows/build-infra.yaml

@@ -73,7 +73,7 @@ jobs:
         id: build-and-push
         uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
         with:
-          context: ./infrastructure/paradigmctf.py
+          context: ./paradigmctf.py
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}

.gitignore

@@ -0,0 +1,5 @@
+# venv
+/venv
+/include
+**/__pycache__
+.DS_Store

README.md

@@ -1,18 +1,120 @@
-# OpenZeppelin CTF 2023
+# OpenZeppelin CTF Infra
 
-This repo contains the infrastructure & challenges for the OpenZeppelin CTF in 2023. The infrasturcture is built on top of [kCTF](https://github.com/google/kctf) and forked from [blazctf-2023](https://github.com/fuzzland/blazctf-2023).
+This repository contains all the infrastructure to host the OpenZeppelin CTF, based on [Paradigm CTF](https://ctf.paradigm.xyz).
 
-Directory:
-* `infrastructure`: Contains the infrastructure code forked from [paradigm-ctf-infrastructure](https://github.com/paradigmxyz/paradigm-ctf-infrastructure) with some modifications.
-* `challenges`: Challenges code and environment setup.
-* `solutions`: Solutions for the challenges.
+## Usage Local
 
-### How launch the challenge locally?
-1. cd into `infrastucture/paradigmctf.py` and run `docker-compose up -d` to start the infra servers.
-2. cd into `challenges/<challenge_name>/challenge` and run `docker-compose up -d` to start the challenge server.
-3. nc localhost 1337 to manage instance.
+To run the CTF infrastructure locally, simply run the following commands:
 
-Remember to delete existing instance before you switch to another challenge.
+```bash
+cd paradigmctf.py
+docker compose up
+```
 
-# Challenges
-WIP
+To run the CTF infrastructure in kCTF, you'll need to do the following:
+
+```bash
+# create the cluster if it doesn't exist
+kctf cluster create --type kind local-cluster --start
+
+# build the image
+(cd paradigmctf.py; docker build us-docker.pkg.dev/idyllic-adviser-409615/openzeppelin/ctf-2023-server:latest)
+
+# push the image to kind
+kind load docker-image --name "${CLUSTER_NAME}" "us-docker.pkg.dev/idyllic-adviser-409615/openzeppelin/ctf-2023-server:latest"
+
+# create all the resources
+kubectl apply kubernetes/ctf-server.yaml
+
+# port forward the anvil proxy for local access
+kubectl port-forward service/anvil-proxy 8545:8545 &
+```
+
+Now you'll be able to build and test challenges in kCTF:
+```bash
+# start the challenge
+kctf chal start
+
+# port forward the challenge
+kctf chal debug port-forward --port 1337 --local-port 1337 &
+
+# connect to the challenge
+nc 127.0.0.1 1337
+```
+
+## Usage Server
+
+To run the CTF infrastructure in kCTF, you'll need to do the following:
+
+```bash
+# get the challenges
+git clone ssh://[email protected]/openzeppelin/ctf-2023.git & cd ctf-2023
+
+# pull the infrastructure
+docker pull us-docker.pkg.dev/idyllic-adviser-409615/openzeppelin/ctf-2023-server:latest
+
+# umask allow copying executable files
+umask 0022
+
+# enable docker integration with Google Container Registry
+gcloud auth configure-docker
+
+# get and activate kctf
+curl -sSL https://kctf.dev/sdk | tar xz
+source kctf/activate
+
+# create and start gke cluster
+kctf cluster create --project idyllic-adviser-409615 --domain openzeppelin.kctf.cloud --start remote-cluster
+
+# create all the resources
+kubectl apply -f infrastructure/kubernetes/ctf-server.yaml
+
+# port forward the anvil proxy for local access
+kubectl port-forward service/anvil-proxy 8545:8545 &
+```
+
+Now you'll be able to build and test challenges in kCTF:
+```bash
+# start the challenge
+kctf chal start
+
+# port forward the challenge
+kctf chal debug port-forward --port 1337 --local-port 1337 &
+
+# connect to the challenge
+nc 127.0.0.1 1337
+```
+
+## Images
+
+Paradigm CTF is hosted using [kCTF](https://google.github.io/kctf/), a Kubernetes-based CTF platform. Follow the kCTF setup instructions to get a local cluster running on your computer.
+
+### kctf-challenge
+The [kctf-challenge](/kctf-challenge/) image acts as a standard image on top of the kCTF base image. It's optional, not required, but provides the following features:
+- Adds the `/bin/kctf_persist_env` and `/bin/kctf_restore_env` scripts for use with `kctf_drop_privs`, which resets all environment variables (this might be removed if a better way of passing configuration variables is identified)
+- Adds a common `nsjail.cfg` for use with Anvil. The usefulness of running the Anvil server inside nsjail is debatable, as a lot of security features need to be disabled (timeouts, resource limits, etc). The file is also poorly-named, and may be changed in the future
+
+### paradigmctf.py
+The [paradigmctf.py](/paradigmctf.py/) image acts as the base image for all challenges. It provides the following features:
+- Installs the `ctf_launchers`, `ctf_solvers`, and `ctf_server` libraries. These can be used to orchestrate CTF challenge instances.
+
+## Libraries
+
+### forge-ctf
+The [forge-ctf](/forge-ctf/) library provides two Forge scripts which can be used to deploy and solve challenges. They are intended to be used with the `eth_launchers` package.
+
+The `CTFDeployment` script can be overridden to implement the `deploy(address system, address player) internal returns (address challenge)` function. It defaults to using the `test [...] test junk` mnemonic, but will read from the `MNEMONIC` environment variable. It writes the address that the challenge was deployed at to `/tmp/deploy.txt`, or the value of `OUTPUT_FILE`.
+
+The `CTFSolver` script can be overriden to implement the `solve(address challenge, address player)` function. The challenge address must be specified as the `CHALLENGE` environment variable. The player private key defaults to the first key generated from the `test [...] junk` mnemonic, but can be overridden with `PLAYER`.
+
+## Templates
+
+Templates are provided for you to quickly get started with creating challenges of your own. To use them, copy the [templates](/templates/) into `kctf/challenge-templates`. Then, you will be able to use `kctf chal create --template eth-pwn`.
+
+## TODO
+Huff support is pretty bad, needs the following changes upstream:
+- https://github.com/huff-language/foundry-huff/issues/47
+- Needs to support broadcasting from specific address
+- Needs to stop using hexdump to generate some random bytes
+
+Kubernetes support is not complete yet