Metadata Games Round-up
After a week of creativity and research, we reached the end of the Metadata Games! A huge thank you to all the participants who put in so much effort throughout the week and turned up some really amazing examples of MEV and metadata exploits, as well as some great detective work in our less serious games.
Although games like these might seem like a distraction, they play an extremely important role in promoting awareness of privacy issues and supporting HOPR itself. Although everyone agrees privacy is important, getting people to take action is extremely hard. We’ve tried various narratives over the years, but the release of our D.E.R.P. tool and a shift in focus to DeFi and MEV was the first that really made people understand the urgency of the privacy situation in web3. In fact, D.E.R.P. was a huge factor in the recent investment of over $1m in HOPR from likeminded web3 projects.
Finding new and interesting angles on metadata privacy is an essential part of our work, and it’s amazing that the community was so engaged here and provided us with new material for our next round of outreach.
The Results
Here are the final results after all five games:
Team Global — 29🥇
Team Russian — 28🥈
Team Deutsch — 25🥉
Team Chinese — 17
Team Turkish — 16
Team Persian — 14
Congratulations to the winners, Team Global!
Each team will receive 25 HOPR Boost NFTs (sent either to the ambassador for the Telegram group or a nominated representative). It’s then up to the team to decide how to distribute them. You could hold a lottery, run another game, or just have a discussion and decide amongst yourselves. It’s entirely up to the participants!
Game 1 — Transaction Data
The first game involved a search for MEV exploits involving HOPR. There were some very interesting results, but what’s most amazing is how many transactions can be linked to MEV without too much digging. You can almost pick any transaction at random and find something. Although people are increasingly aware of MEV, it doesn’t seem like the full scale and scope of it has sunk in for everyone yet.
Several teams found good results using the tool at https://sandwiched.wtf/, although interestingly that tool missed some sandwich exploits which the teams found manually, suggesting that we’re still just scratching the surface of how much MEV is being conducted.
This image from Team Deutsch was the winner, because the visualization made the attack easy to understand.
The full interactive diagram can be viewed here.
Scores:
Team Deutsch — 7🥇
Team Global — 6🥈
Team Russian — 5🥉
Team Chinese — 4
Team Persian — 3
Game 2 — Timestamps
The second game involved looking back through history for examples of data breaches that the rest of the world might not have heard about. To be honest, we were hoping for some examples that predated computers and the Internet, but the teams did find some fascinating examples from more recent times, including some great examples of the dangers of leaking metadata.
Team Global won with the surreal story of PROMIS, the precursor to PRISM (read more on Wikipedia, although this doesn’t do justice to the full insanity of what happened), but this was closely followed by Team Turkish who highlighted a more prosaic but no less devastating breach which affected most of the population of Turkey.
Scores:
Team Global — 7 🥇
Team Turkish — 6 🥈
Team Russian — 5 🥉
Team Deutsch — 4
Team Chinese — 3
Team Persian — 2
Game 3 — Real-world Identifying Information
Game three involved highlighting ways online data has been used to expose people’s real-life identities. Team Turkish took this one with their analysis of the dangers of all the data which was gathered during the pandemic.
Scores:
Team Turkish — 7 🥇
Team Russian — 6 🥈
Team Global — 5 🥉
Team Persian — 4
Team Deutsch — 3
Game 4 — Location Data
The game was the most frivolous, but it’s still amazing how easy it is to identify people’s locations based just on photos. Teams had to track down the locations of photos provided by the HOPR team, and then provide their own examples of interesting photo locations. The theme was places which weren’t quite where they seemed to be. Team Deutsch triumphed with this typical looking German town square which is actually in… China!
You can play the original game here.
If you want more examples of just how far you can take this, British Youtuber Geowizard regularly tracks down his followers (with their consent!) using a single image.
Or for a really extreme example, see the infamous battle between 4Chan and Shia LeBeouf.
Scores:
Team Deutsch — 7 🥇
Team Global — 6 🥈
Team Russian — 5 🥉
Team Chinese — 4
Team Turkish — 3
Team Persian — 2
Game 5 — Wallet / IP Addresses
The final challenge was to find some new examples of potential data leaks using our revamped D.E.R.P. site. This proved the hardest for our teams, but we still got some great entries. The top spot went to Team Russian for their investigation into the Bulksender dApp, but it’s also worth checking out the entry from Team Chinese on GitHub, which made use of the new multi-chain setup features of version 2 of D.E.R.P.
Scores:
Team Russian — 7 🥇
Team Chinese — 6 🥈
Team Global — 5 🥉
Team Deutsch — 4
Team Persian — 3
Congratulations again to Team Global and thanks to everyone who participated in a fun and educational week of games!
Rik Krieger,
HOPR Co-Founder
Website: https://www.hoprnet.org
Twitter: https://twitter.com/hoprnet
Telegram: https://t.me/hoprnet
Discord: https://discord.gg/dEAWC4G
Forum: https://forum.hoprnet.org
Staking: https://stake.hoprnet.org
Bounties: https://bounties.hoprnet.org
