FumbleChain makes breaking blockchains a sport.
Demonstrated for the first time last Thursday at the Black Hat infosec event, the deliberately flawed technology is meant to act as an educational tool for crypto developers.
“Basically, this what people call CTF, or ‘capture the flag,’” explained Nils Amiet, a senior security engineer at Kudelski and one of the developers behind the project. “Whenever you solve a challenge, that is when you get the flag. … The challenges are pretty technical.”
Through these curated and gamified challenges, the aim is to teach users about the complexities of blockchain technology.
According to Dan Guido, co-founder and CEO of cybersecurity firm Trail of Bits, which has audited over 20 different cryptocurrency projects, FumbleChain is similar to the wargames used in traditional software development.
“Competitions and training exercises are used throughout the security industry, sometimes in live competitions of 30,000 or more players at one time, to help educate and demonstrate the knowledge that participants have gained,” said Guido, adding:
“It’s long overdue for blockchain security to have its own wargame.”
Users collect game points dubbed “fumblecoins” every time they exploit a vulnerability in the FumbleChain blockchain and capture one flag. (The coins are only of value within the game itself.) Kudelski’s Amiet says FumbleChain’s core technology “looks a lot like bitcoin,” only simpler.
Daryl Hok, COO of blockchain cybersecurity company CertiK, said FumbleChain is designed to make blockchain “approachable” for engineers coming from a diverse set of backgrounds.
“[FumbleChain] provides a gamified, wargames model that may interest a broad audience with its approachability and incentives,” said Hok.