I Found a Message Hidden in Source Code and Cracked It! Here's How!

A few days ago I made a post about the Phantasma blockchain and how I thought it was introducing some cool features to the NFT spac...

7 months ago, comments: 0, votes: 0, reward: $0.00

A few days ago I made a post about the Phantasma blockchain and how I thought it was introducing some cool features to the NFT space. Following my research I joined the Phantasma Discord and found that the devs had been hinting at a hidden leak somewhere in their ecosystem:

I started thinking about this clue... "The truck finds the hay". This has to be a reference to tractors, right? And what do tractors do? Farm! As I looked around the Discord and researched more of the Phantasma Ecosystem, I eventually came across this site: pharming.phantasma.io

Pharming == Farming, right?

I figured that this site had to be the place to find the clue so I got to digging...

Nothing on the actual page itself seemed like a real clue so I did the next best thing:

Developer Tools.

Opening the source tab and scrolling through the code of the site, I noticed a very strange div and knew I had found the first hidden message!

Very suspicious name for a div, don't you think?

So I viewed the value of the div and this is the result:


Decoding the First Clue

Now, I knew this message was encoded. Having worked with encrypting images utilizing Base64 encoding, my gut told me to start there (my gut and that '=' sign at the end). I headed over to a Base64 decoder and fed in the string, here was the result:

41 77 68 77 53 52 46 63 4a 77 31 33 53 52 79 71 6f 51 39 77 6e 73 67 71 4a 52 58 36 4a 32 71 71 6d 77 71 71 6d 77 30 71 6d 33 4a 7a 6e 74 38 55 45 77 6d 71 6b 51 6e 36 6b 47 6e 79 53 51 42 69 4a 33 57 71 6f 73 4c 41 53 52 7a 64 6e 69 4c 69 4a 69 4c 32 6c 48 6d 71 4a 52 54 78 6d 69 4c 34 6c 51 35 35 56 71 7a 59 6c 51 76 32 53 52 42 36 6c 78 4a 79 53 52 7a 7a 6e 73 4c 34 6c 51 35 69 6c 48 41 63 53 52 7a 64 6e 69 4c 69 4a 69 6e 79 53 51 72 63 6c 51 31 32 6b 43 4c 78 6d 33 7a 64 53 52 4a 76 6e 77 76 73 6c 51 31 32 53 52 4a 74 6b 33 4a 34 4a 32 71 3d

Now, I was hoping that decoding the string would give me a straightforward answer to this hidden message in the form of English, but, Whattyagonnado.

Looking at these new values I saw that I was looking at a Hex dump. Someone had encoded another message in hexadecimal format, then encoded that hex in Base64...

Back to decoding!

Decoding the Second Clue

I googled a hex decoder, slapped in the new values, and found the following result:


Again, I was hoping that the hex would give me something a little more exciting but instead, this is what I was left with, another string that looks to be Base64 Encoded. All was going smoothly up until this clue, then I hit a wall...

Decoding the Third Clue

Seeing as this was yet another Base64 encoded string I figured, "Hey, let's just decode it again!". Unfortunately, the results were less than exciting...

Obviously, this wasn't the right solution and at this point, I was stuck. I tried several different variations of decoding: binary decoding, Base64 Image decoding, hex, I even tried reversing the string and using that but all the results came back with the same list of cryptic, unknown characters....

So I phoned a friend.

I called up my buddy who is not a developer but is someone who is just as fascinated with riddles, secret messages, and treasure hunts as I am. I explained the whole situation, where I was, and the latest results. Luckily for me, he had an idea: what if the new string wasn't encoded via software, but something more old school?

This was the key to finding the final solution!

So we found an online decoding site and started going through classic methods for encoding. We figured that if this message was encoded in a "classic" way then a Caesar Cipher is the most likely choice. Caesar Ciphers involve the shifting of every letter by a certain amount. This would be a logical way to doubly encode a base64 string, shift the values by X amount to create an "undecryptable" string.

So we got to shifting.

I ran the string through dcodes Caesar Cipher (a brute force approach but useful!) and got a list of results:

As you can see, the value to the left of the result is the number of spaces each letter was shifted and the right was the fully shifted result. I ran every single one of these through our Base64 decoder from before and after 7 attempts we got something exciting! Once we used the Shift +10 cipher we got this:

Blf ulfmw z xofv, dszgh rh rm sviv?

Rg hgzigh drgs z P zmw rg vmw drgs xlny.

Nliv tznvh ziv xlnrmt, zmw rg'h hllmvi gszm veviblmv vckvxgh

We. Were. Stoked.

Finally, something returned that resembled English! At this point we knew we had found the next clue, all we needed to do was resolve this last bit of jumbled characters.

Decoding the Final Clue!

At this point, we knew that we were working with English characters and ruled out any kind of software encoding. We started running through several different kinds of ciphers until we found something that clicked: Substitution!

Substitution Ciphers, as the name suggests, involved replacing a word in a sentence with another word. Utilizing dcode we ran our message through the substitution cipher and solved the riddle!

The answer to that strange div was as follows:

"You found a clue, what's in here?

It starts with a K and it end with comb.

More games are coming, and it's sooner than everyone expects"

I responded with this answer in the Discord and had it confirmed by a Mod:

While we solved the puzzle, the answer only leaves us with more questions...

"Starts with a K and it ends with comb"?

What does that mean? What will the next clue be?

I don't know yet, but when the next leak is hinted, I will be ready to get cracking :)

I hope you enjoyed my little treasure hunt. If you have any ideas as to what the solution means then by all means comment below or reach out to me on Twitter

Oh! And if you know of any other unsolved internet riddles, please send them my way! I'd love to take a crack at it!