Sword of Secrets is a multi-stage hardware Capture The Flag (CTF) challenge designed for hackers, tinkerers, and puzzle lovers who crave hands-on problem-solving. Housed in a sleek, keychain-sized board, this open-source adventure weaves together hardware hacking, cryptographic trickery, and low-level exploitation. As you delve through the stages, your mastery of embedded systems, RISC-V assembly code, datasheets, and creative debugging will be tested. Solving it means digging into both the schematics and source code—and truly understanding them.

This isn’t just a test of technical prowess—it’s a full-blown embedded gauntlet. A spiritual successor to Uri Shaked’s The Skull CTF, Sword of Secrets dares you to challenge how security is done—and undone—at the hardware level. Each stage unearths a new exploit path through cryptographic missteps, embedded assumptions, and silicon secrets. You’ll breach protection registers, twist SPI protocols, and bend memory layouts to your will—sometimes through the backdoor. With UART as your guide and datasheets as your map, this isn’t just a board—it’s an offensive security saga disguised as a keychain.

Flex Your Hardware, Cryptography, and Embedded Exploitation Skills

Sword of Secrets begins with hands-on hardware exploration. Review schematics, trace signal paths, and study datasheets to understand how the system works. Many challenges rely on spotting subtle design choices and using that knowledge to uncover hidden functionality or bypass protections.

You’ll face cryptographic challenges inspired by real-world exploits. The tasks focus on identifying flawed assumptions and implementation issues, requiring a solid understanding of how cryptography can fail in practice, not just in theory.

SoS uses a RISC-V microcontroller, and many challenges involve working at the firmware level. You’ll interact with low-level code and hardware interfaces, using precise control of execution to reveal vulnerabilities and gain deeper system access.

New Challenges Every Month

Sword of Secrets supports OTA updates over USB, making it easy to flash new content without any extra hardware. Each update adds a new stage or puzzle, expanding the challenge over time. New riddles will be released on a monthly basis, so even after solving the initial stages, there will always be something new to explore, exploit, or reverse-engineer.

These updates aren’t just plain binaries—they’re encrypted using a key embedded deep inside the microcontroller, protected by on-chip protections. In theory, this means the riddles can only be decrypted and executed by the device itself. If you think you can extract the key, bypass the protection, or decrypt the firmware off-device, we dare you to try it.

Sword Unlocked

Sword of Secrets comes with a locked bootloader by default—only officially encrypted firmware can be flashed to preserve the mystery. However, we invite you to unlock its true potential! As a stretch goal, we’re releasing an open bootloader version, transforming the device into a fully hackable platform. With it, you’ll be able to forge and flash your own adventures, share quests with fellow seekers online, and join a growing community of creators, tinkerers, and heroes crafting legends of their own.

Features & Specifications

• Microcontroller: CH32V003 32-bit RISC-V
• Storage: W29Q128 serial NOR flash
• USB Controller: CH340E

Open Source

The hardware schematics and design are completely open source and freely available for replication. All software (minus the cryptographic keys 😉) can be found in our GitHub repository. The KiCad project will be available from launch day, allowing anyone to recreate the hardware with ease. The software can be flashed using any compatible WCH flashing tool. And for those of you that cannot wait, you can find a virtual preview to whet your appetite.

Interested in This Project?

You can sign up at the top of this page to be notified when the campaign launches and to receive other updates. We only send out relevant content, and you can unsubscribe at any time.