Vault Challenge

Crack the vault. Keep the funds.

Ethereum Mainnet • Live

Challenge active

+$100/week added to the reward wallet.

Support the Bounty

Donation Address (ETH Mainnet)

0x7fAb2f1b2393f7Aba1663d3847af1d5e0e34892A

Every donation increases the reward. Your ETH goes directly into the challenge wallet.

The Challenge

This is a real VaultKeepR vault, created with the production cryptographic stack — identical to what every VaultKeepR user has. Inside is the private key of an Ethereum wallet containing the reward.

Decrypt it → import the private key → transfer the funds. First to move the funds wins.

🔒 Dual-Factor Protection

Like every VaultKeepR vault, this one is protected by two independent factors:

Factor 1: Master Password. Unknown. Must be brute-forced or guessed.

Factor 2: Wallet Signature. Requires the signer wallet's private key. Address is known, not the key.

Both factors are concatenated and fed into Argon2id to derive the encryption key. You need both to decrypt.

Argon2id 64 MiB • XChaCha20-Poly1305 • Password + Wallet Signature • Two-Factor Required

How It Works

password + wallet_signature
↓ concatenation
→ Argon2id (m=64 MiB, t=3, p=4)
↓ 256-bit key
→ XChaCha20-Poly1305
↓ decrypt
→ 🏆 Reward private key

The wallet signature is produced by signing "VaultKeepR Bug Bounty Challenge — I authorize this vault encryption" with the signer wallet's private key (EIP-191 personal_sign). The wallet address is published, but the private key — and therefore the signature — must be recovered by the attacker.

Cryptographic Parameters

KDF: Argon2id (m=64 MiB, t=3, p=4)
Cipher: XChaCha20-Poly1305
Commitment: HMAC-SHA256
Key Input: password ∥ wallet_signature
Key Length: 256-bit (32 bytes)
Nonce: 192-bit (24 bytes)
Salt: 128-bit (16 bytes, random)
Chain: Ethereum Mainnet

Wallet Addresses

Reward Wallet (funds inside)

0x7fAb2f1b2393f7Aba1663d3847af1d5e0e34892A

Signer Wallet (KDF input — address only)

0x20d5A33177468ea0caC968b0BDaBdA9b0668a392

The private key of this wallet is needed to produce the signature used in key derivation.

IPFS Attestation

Vault published on IPFS

The encrypted vault is pinned on IPFS. You can download it directly from any IPFS gateway.

IPFS CID

QmVN6RveumcMgNx5VNvyTQxg8GNn7tyJ2mSkS5miUoiEVr

Encrypted Vault Data

{
  "ciphertext": "ad1519d5e7498d164ca5932100bbd9e32c5ec97be038c4a6088df16b78ab76fc56a0b37281c2ee2e697b2a7f3d11500271321ed4739e88535213abb29e0b0b4488cabb8417d9f7d2bd0c2541fcdc37dbc62479a4a05bc61f29ee42eeb7e5df8185383938f29d45f747c4c6e37ec5995037c135e74cd639bec92fd5b25e7ad83da35d60ba34885fc7023cb8468b381aeb53aaba65dd677e1aa68c4b8e0adf5dd730569e55c66d9d2e7bdb4593b2b7e4d0ecb1c7e886be02025fd09cee7da9bb9b5853b194652229672b6f065126d2bcea0558d3a6b6a422d7ff6fb8e3591d4cc551c52d90112c2c6a9cc2a4086f8fe2a88c3edb9c237afce819eb90812423a4f5d6b5f8d1cb153e2bc601057bf4d85352f9be1c1b1740481e05dc79f8c689e110372834766e0f15f0e7fec3c280990c2b0f6ab47cf35da9089433691374db39eebec04c5dfc9acab151706b0cbca3174b6fc07f46a462eb6155ec827682cc1468a270f781fba27cf4ac138ef1d10bdb8808672d3b212d8972fcff9788819d80e2d6c632f74b4527f1c56d8ddc5de5ae265aa67348dd170d91764a1958504512512b84e96c14a467bfdd50899639ac28d178c366b2ec740e12596a7537713e419d294a9a476838a3ae0d9d94f9a2360beae98ccdfeeca2030d3a65959c1ce13b5aff175474b1014a46c40682f80390d3a75873665f985ab0b0ce265fef9469cae2e1e341c8fa758780ba9ffdbf3c12d73d4adde3f2ca65de77e9a52762cfb22baf2ca178dc05e041240a978d5d6bfc3f2d820425797f310749985b7424353013b3dcae76231a278efe8d422e4ad893c3f74d3dc51a013a554df4e8602f0699029d2746850d106d214232fcdaf56aaa3913eff824967794bbce7c3a37abbfb77d1cbedd9a85721ca4d1965f4dc4b34f6c07f5c7a207a06c172926ba14a191219653b8bd0fb5d902929b5e5883262219",
  "nonce": "b29a664ee0df6d3ee802491c334e015240c6feb7a4da6d76",
  "salt": "c03248ec2ae84e11343b623143653798",
  "commitment": "d19737f313b89e4f78c489a9c6f31420c7601877319ea58a56d87b70e420f6f9",
  "version": 2,
  "walletAddress": "0x20d5A33177468ea0caC968b0BDaBdA9b0668a392",
  "challengeMessage": "VaultKeepR Bug Bounty Challenge — I authorize this vault encryption",
  "kdf": {
    "algorithm": "argon2id",
    "m": 65536,
    "t": 3,
    "p": 4,
    "dkLen": 32,
    "saltLengthBytes": 16
  },
  "cipher": {
    "algorithm": "xchacha20-poly1305",
    "nonceLengthBytes": 24,
    "keyLengthBytes": 32
  },
  "commitmentScheme": {
    "algorithm": "hmac-sha256",
    "domain": "vaultkeepr-v3-commitment"
  }
}

⚠️ Note: the wallet signature is not included above. This is realistic — an attacker accessing a vault on IPFS sees exactly this data. The signature must be derived from the signer wallet's private key.
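As an added example (not VaultKeepR's code): the KDF and cipher parameters travel inside the vault JSON, so a client reading a vault from IPFS can check them against a fixed policy before spending any work on key derivation. The `POLICY` floors, the function names and the sample envelope are assumptions constructed here from the parameters this page publishes.

```javascript
// Added example: check a vault envelope against the parameters this page publishes.
// Treating the published values as minimums is an assumption of this sketch.
const POLICY = {
  kdf: { algorithm: "argon2id", minM: 65536, minT: 3, minP: 1, dkLen: 32, saltBytes: 16 },
  cipher: { algorithm: "xchacha20-poly1305", nonceBytes: 24, keyBytes: 32 },
  commitmentBytes: 32, // HMAC-SHA256 output size
  tagBytes: 16,        // Poly1305 tag carried with the ciphertext
};

// Byte length of a hex string, or -1 if it is not well-formed hex.
function hexBytes(s) {
  return typeof s === "string" && s.length % 2 === 0 && /^[0-9a-f]*$/i.test(s) ? s.length / 2 : -1;
}

// Returns a list of problems; an empty list means the envelope passes the policy.
function validateVaultEnvelope(v) {
  const problems = [];
  const need = (ok, msg) => { if (!ok) problems.push(msg); };
  const kdf = v.kdf || {}, cipher = v.cipher || {};

  need(kdf.algorithm === POLICY.kdf.algorithm, "kdf.algorithm must be argon2id");
  need(Number.isInteger(kdf.m) && kdf.m >= POLICY.kdf.minM, "kdf.m below 64 MiB floor");
  need(Number.isInteger(kdf.t) && kdf.t >= POLICY.kdf.minT, "kdf.t below floor");
  need(Number.isInteger(kdf.p) && kdf.p >= POLICY.kdf.minP, "kdf.p below floor");
  need(kdf.dkLen === POLICY.kdf.dkLen && kdf.dkLen === cipher.keyLengthBytes, "key length mismatch");
  need(cipher.algorithm === POLICY.cipher.algorithm, "cipher.algorithm must be xchacha20-poly1305");
  need(hexBytes(v.salt) === POLICY.kdf.saltBytes && kdf.saltLengthBytes === POLICY.kdf.saltBytes, "salt must be 16 bytes");
  need(hexBytes(v.nonce) === POLICY.cipher.nonceBytes && cipher.nonceLengthBytes === POLICY.cipher.nonceBytes, "nonce must be 24 bytes");
  need(hexBytes(v.commitment) === POLICY.commitmentBytes, "commitment must be 32 bytes");
  need(hexBytes(v.ciphertext) >= POLICY.tagBytes, "ciphertext shorter than Poly1305 tag");
  need(/^0x[0-9a-fA-F]{40}$/.test(v.walletAddress || ""), "walletAddress malformed");
  return problems;
}

// Constructed sample envelope (placeholder hex, not the challenge vault's values).
const sampleVault = {
  ciphertext: "ab".repeat(48), nonce: "01".repeat(24), salt: "02".repeat(16),
  commitment: "03".repeat(32), version: 2, walletAddress: "0x" + "11".repeat(20),
  kdf: { algorithm: "argon2id", m: 65536, t: 3, p: 4, dkLen: 32, saltLengthBytes: 16 },
  cipher: { algorithm: "xchacha20-poly1305", nonceLengthBytes: 24, keyLengthBytes: 32 },
};

// Same envelope with the KDF cost lowered and the nonce truncated, as a tampered copy might be.
const weakened = { ...sampleVault, nonce: "01".repeat(12), kdf: { ...sampleVault.kdf, m: 1024, t: 1 } };

console.log(validateVaultEnvelope(sampleVault));
console.log(validateVaultEnvelope(weakened));
```

Rejecting an envelope whose stored parameters fall below the policy keeps a modified copy from steering the client into a cheaper derivation than the one the vault was created with.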

Rules

  1. Crypto-only attack surface — social engineering, phishing, server hacking are out of scope.
  2. Source code is public — review the full implementation at vaultkeepr-core.
  3. First to move funds wins — the blockchain is the proof.
  4. No time limit — the challenge remains active until the funds are claimed.
  5. Share your approach — even partial findings help improve security. Use the submission form below.
  6. Reward increases weekly — $100/week added to the wallet, plus community donations.
  7. Realistic conditions — this vault is identical to a real user's vault. No shortcuts, no hints.

Source Code

📦 VaultKeepR/vaultkeepr-core

163 tests • MIT License • Fully auditable

Submit Your Findings

Found something? Even partial breakthroughs are valuable. Your identity stays confidential.
