Z. Cliffe Schreuders
680c7bfcae
feat: Generate Rails Engine structure
...
- Create mountable engine with isolated namespace
- Configure Pundit authorization
- Set up gemspec with dependencies
- Configure generators for test_unit with fixtures
2025-11-21 15:27:53 +00:00
Z. Cliffe Schreuders
87fae7cb07
refactor: Simplify unlock loading UI dramatically
...
User correctly pointed out the loading UI was over-engineered.
## Simplifications:
### Before (over-complicated):
- Complex timeline management
- Success/failure flash effects (green/red)
- Spinner alternatives
- Stored references on sprites
- Timeline cleanup logic
- ~150 lines of code
### After (simple):
- startThrob(sprite) - Blue tint + pulsing alpha
- stopThrob(sprite) - Kill tweens, reset
- ~20 lines of code
## Why This Works:
1. **Door sprites get removed anyway** when they open
2. **Container items transition** to next state automatically
3. **Game already shows alerts** for success/error
4. **Only need feedback** during the ~100-300ms API call
## API Changes:
- showUnlockLoading() → startThrob()
- clearUnlockLoading() → stopThrob()
- No success/failure parameter needed
- No stored references to clean up
## Result:
From 150+ lines down to ~30 lines total.
Same UX, much simpler implementation.
User feedback: "Just set the door or item to throb, and remove when
the loading finishes (the door sprite is removed anyway), and if it's
a container, just follow the unlock with a removal of the animation."
2025-11-20 15:37:38 +00:00
Z. Cliffe Schreuders
266bc7a7ca
docs: Clarify CSRF token handling for Hacktivity integration
...
User correctly noted that Hacktivity's application layout already includes
csrf_meta_tags, so we don't need to add them again.
## Changes:
### Section 9.3.1: Layout Strategy
- Split into Option A (Hacktivity layout - recommended) and Option B (standalone)
- **Option A (Recommended):** Read from existing meta tag
- Uses Hacktivity's csrf_meta_tags (already present in layout)
- No duplicate meta tags needed
- Reads via: document.querySelector('meta[name="csrf-token"]')?.content
- **Option B:** Standalone layout
- For when engine needs separate layout
- Must add <%= csrf_meta_tags %> to engine layout
- Can use <%= form_authenticity_token %> directly
### Section 9.3.3: Token Reading Logic
- Updated config.js to try multiple sources:
1. window.breakEscapeConfig.csrfToken (if explicitly set)
2. meta[name="csrf-token"] tag (from Hacktivity layout)
- Better error messages showing all sources checked
- Logs which source provided the token
### Section 9.3.5: Issue #2 Solution
- Updated to reference the fallback logic in 9.3.3
- Added debugging console commands
- Shows how to check all meta tags
## Key Points:
- ✅ Hacktivity layout csrf_meta_tags are reused (don't duplicate)
- ✅ Fallback chain ensures token found from either source
- ✅ Clear guidance for both integration scenarios
- ✅ Better debugging when token is missing
This aligns with Rails best practices and Hacktivity's existing setup.
2025-11-20 15:37:38 +00:00
Z. Cliffe Schreuders
cece95cd7f
feat: Add critical implementation details based on review
...
Based on comprehensive codebase review, enhanced implementation plans with:
## Phase 3 Updates (Scenario Conversion):
- Complete bash script to convert all 26 scenarios to ERB structure
- Explicit list of 3 main scenarios (ceo_exfil, cybok_heist, biometric_breach)
- List of 23 test/demo scenarios for development
- Instructions to rename .json to .erb (actual ERB code added later in Phase 4)
- Preserves git history with mv commands
- Both automated script and manual alternatives provided
## Phase 9 Updates (CSRF Token Handling):
NEW Section 9.3: "Setup CSRF Token Injection"
- Critical security implementation for Rails CSRF protection
- Complete view template with <%= form_authenticity_token %>
- JavaScript config injection via window.breakEscapeConfig
- CSRF token validation and error handling
- Browser console testing procedures
- 5 common CSRF issues with solutions
- Fallback to meta tag if config missing
- Development vs production considerations
## Phase 9 Updates (Async Unlock with Loading UI):
ENHANCED Section 9.5: "Update Unlock Validation with Loading UI"
- New file: unlock-loading-ui.js with Phaser.js throbbing tint effect
- showUnlockLoading(): Blue pulsing animation during server validation
- clearUnlockLoading(): Green flash on success, red flash on failure
- Alternative spinner implementation provided
- Complete unlockTarget() rewrite with async/await server validation
- Loading UI shows during API call (~100-300ms)
- Graceful error handling with user feedback
- Updates for ALL lock types: pin, password, key, lockpick, biometric, bluetooth, RFID
- Minigame callback updates to pass attempt and method to server
- Testing mode fallback (DISABLE_SERVER_VALIDATION)
- Preserves all existing unlock logic after server validation
## Key Features:
- Addresses 2 critical risks from review (CSRF tokens, async validation)
- Solves scenario conversion gap (26 files → ERB structure)
- Maintains backward compatibility during migration
- Comprehensive troubleshooting guidance
- Production-ready security implementation
Total additions: ~600 lines of detailed implementation guidance
2025-11-20 15:37:38 +00:00
Z. Cliffe Schreuders
d2e3524b6b
docs: Add comprehensive migration review (review1)
...
Complete codebase review against Rails Engine migration plans:
EXECUTIVE_SUMMARY.md (7KB, 243 lines):
- Overall assessment: READY FOR MIGRATION (95% confidence)
- Timeline: 10-12 weeks, ~64 hours total effort
- Zero blocking issues identified
- Key metrics and risk assessment
- Go/No-Go checklist
COMPREHENSIVE_REVIEW.md (47KB, 1,676 lines):
- Detailed current state analysis (95+ JS files, 800MB assets)
- Gap analysis with specific file references
- Risk matrix: 2 critical, 4 high, 3 medium (all mitigatable)
- Phase-by-phase recommendations with code examples
- Complete testing strategy
- Implementation checklists
Key Findings:
- Minimal client changes needed (~100 lines across 4 files)
- No architectural conflicts with current code
- All existing code well-organized and modular
- Clear path forward with realistic timeline
Recommendation: PROCEED WITH MIGRATION
2025-11-20 15:37:38 +00:00
Z. Cliffe Schreuders
5d22db5f69
docs: Add API reference and testing guide
...
Complete documentation for:
- 04_API_REFERENCE.md: All 9 API endpoints with examples
- 05_TESTING_GUIDE.md: Minitest strategy with fixtures and tests
These complete the documentation set along with the Hacktivity integration guide.
2025-11-20 15:37:38 +00:00
Z. Cliffe Schreuders
6e912eecec
docs: Add Hacktivity integration guide (Phase 12)
...
Complete step-by-step guide for mounting BreakEscape engine in Hacktivity:
- Gemfile and bundle installation
- Route mounting at /break_escape
- Database migration installation
- User model compatibility verification
- Static asset configuration
- Session and CSRF setup
- Content Security Policy (CSP) configuration
- Testing integration
- Deployment to staging
- Troubleshooting guide
- Verification checklist
- Performance monitoring
- Rollback plan
This completes the full documentation set (7 files, ~140KB total)
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
48c9669925
docs: Add comprehensive README with navigation and quick start
...
- Complete documentation structure guide
- Quick start instructions
- Phase checklist for progress tracking
- Architecture summary with diagrams
- Troubleshooting section
- Philosophy and success criteria
- Technology stack overview
- Before/after comparison
Documentation set complete: 5 core files, fully self-contained
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
95ef8c654d
docs: Add complete implementation plan (Phases 1-12)
...
Part 1 (Phases 1-6):
- Rails Engine setup with explicit commands
- Move files with mv (preserve git history)
- Create ERB scenario templates
- Database migrations and models
- Seed data (metadata only)
- Controllers with JIT Ink compilation
Part 2 (Phases 7-12):
- Pundit authorization policies
- Mission and game views
- Client API integration
- Comprehensive test suite
- Standalone mode support
- Final integration and deployment
Total: 78 hours, 12 phases, completely actionable with explicit bash/rails commands
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
27bd4e9760
docs: Add simplified 2-table schema (missions + games)
...
Added comprehensive planning docs:
- 00_OVERVIEW.md: Project aims, philosophy, all decisions
- 01_ARCHITECTURE.md: Complete technical design
- 02_DATABASE_SCHEMA.md: Full schema reference with examples
Key simplifications:
- 2 tables instead of 3-4
- Files on filesystem, metadata in database
- JIT Ink compilation
- Per-instance scenario generation via ERB
- Polymorphic player (User/DemoUser)
- Session-based auth
- Minimal client changes (<5%)
Next: Implementation plan with step-by-step TODO list
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
0eca2fac4c
docs: Add JIT Ink compilation approach (Issue #3 eliminated)
...
Benchmarked bin/inklecate compilation speed:
- Small files: ~300ms
- Large files: ~400ms
- Average: 330ms (fast enough for JIT!)
Controller now:
- Compiles .ink files on-demand when requested
- Only compiles if .json missing or .ink file is newer
- Caches compiled .json files on filesystem
- No build step, Rake tasks, or CI/CD setup needed
- Development-friendly: edit .ink, refresh browser
- Production-safe: optional pre-compilation
Issue #3 (Ink Compilation) eliminated entirely - 0 hours P0 work!
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
6da63c650d
docs: Add simplified 2-table schema (missions + games)
...
Major simplification to migration plan:
- Remove NpcScript model entirely
- Reduce to 2 tables: missions (metadata) + games (state + scenario snapshot)
- Serve ink files directly from filesystem via game endpoints
- Move scenario_data to game instances (enables per-instance randomization)
- Eliminates Issue #2 (NPC schema complexity)
- Reduces P0 fixes from 10 hours to 2-3 hours
- Much simpler seed process (metadata only)
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
e871d6df84
docs: Add comprehensive review of Rails Engine migration plan
...
- Identify 5 critical issues requiring fixes before implementation
- Validate architecture decisions (mostly solid)
- Provide corrected database schema for shared NPCs
- Document P0 fixes needed: Ink compilation, file structure, NPC schema
- Recommend 1.5 days of prep work to save 3-5 days of rework
- Total review: 6 documents covering issues, architecture, and solutions
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
50eba12238
docs: Add Hacktivity integration validation and setup guide
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
15fbadecb2
docs: Add complete Rails Engine migration plan (JSON-centric approach)
...
Comprehensive implementation plan for converting BreakEscape to a Rails Engine.
DOCUMENTATION CREATED:
- 00_OVERVIEW.md: Project aims, philosophy, decisions summary
- 01_ARCHITECTURE.md: Technical design, models, controllers, API
- 02_IMPLEMENTATION_PLAN.md: Phases 1-6 with bash/rails commands
- 02_IMPLEMENTATION_PLAN_PART2.md: Phases 7-12 with client integration
- 03_DATABASE_SCHEMA.md: 3-table JSONB schema reference
- 04_TESTING_GUIDE.md: Fixtures, tests, CI setup
- README.md: Quick start and navigation guide
KEY APPROACH:
- Simplified JSON-centric storage (3 tables vs 10+)
- JSONB for player state (one column, all game data)
- Minimal client changes (move files, add API client)
- Dual mode: Standalone + Hacktivity integration
- Session-based auth with polymorphic player
- Pundit policies for authorization
- ERB templates for scenario randomization
TIMELINE: 12-14 weeks (vs 22 weeks complex approach)
ARCHITECTURE DECISIONS:
- Static assets in public/break_escape/
- Scenarios in app/assets/scenarios/ with ERB
- .ink and .ink.json files organized by scenario
- Lazy-load NPC scripts on encounter
- Server validates unlocks, client runs dialogue
- 6 API endpoints (not 15+)
Each phase includes:
- Specific bash mv commands
- Rails generate and migrate commands
- Code examples with manual edits
- Testing steps
- Git commit points
Ready for implementation.
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
b1356c1157
docs: Add simplified Rails Engine migration approach
...
RECOMMENDED APPROACH: 12-14 weeks instead of 22 weeks
KEY SIMPLIFICATIONS:
- Use JSON storage for game state (already in that format)
- 3 database tables instead of 10+
- game_instances (with player_state JSONB)
- scenarios (with scenario_data JSONB)
- npc_scripts (Ink JSON)
- 6 API endpoints instead of 15+
- Bootstrap game
- Load room (when unlocked)
- Attempt unlock
- Update inventory
- Load NPC script (on encounter)
- Sync state (periodic)
VALIDATION STRATEGY:
- Validate unlock attempts (server has solutions)
- Validate room/object access (check unlocked state)
- Validate inventory changes (check item in unlocked location)
- NPCs: Load Ink scripts on encounter, run conversations 100% client-side
- NPC door unlocks: Simple check (encountered NPC + scenario permission)
WHAT WE DON'T TRACK:
- Every event (client-side only)
- Every conversation turn (no sync needed)
- Every minigame action (only result matters)
- Complex NPC permissions (simple rule: encountered = trusted)
BENEFITS:
- Faster development (12-14 weeks vs 22 weeks)
- Easier maintenance (JSON matches existing format)
- Better performance (fewer queries, JSONB indexing)
- More flexible (easy to modify game state structure)
- Simpler logic (clear validation rules)
Updated README_UPDATED.md to recommend simplified approach first.
Complex approach documentation retained for reference.
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
9316fb2632
docs: Add comprehensive codebase exploration documentation
...
Generated by automated codebase analysis.
Provides detailed breakdown of project structure, systems, and components.
Referenced by updated migration plans.
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
1e775ef89c
docs: Update Rails Engine migration plans for current codebase
...
Updated migration plans to reflect significant codebase evolution:
NEW SYSTEMS DOCUMENTED:
- NPC system (fully implemented with NPCManager, conversation state, events)
- Event system (80+ events across codebase)
- Global game state management (window.gameState.globalVariables)
- Multiple scenarios (24 total, up from 1 originally planned)
KEY UPDATES:
- UPDATED_MIGRATION_STATUS.md: Comprehensive status of what's changed
- What's implemented vs what still needs server-side integration
- Updated timeline: 22 weeks (was 18 weeks)
- New database schema requirements
- Updated risk assessment
- CLIENT_SERVER_SEPARATION_PLAN.md: Added 3 new systems
- System 5: NPC System (hybrid approach confirmed)
- System 6: Event System (selective logging)
- System 7: Global Game State (server as source of truth)
- Updated migration checklist: 9 phases (was 7)
- Updated timeline: 18-22 weeks
- README_UPDATED.md: New master index document
- Quick start guide
- Document index
- What's changed summary
- Timeline breakdown
- Architecture decisions
- Success metrics
MIGRATION APPROACH:
- Hybrid NPC approach: Scripts client-side, validation server-side
- Selective event logging: Critical events only
- State sync: Server as source of truth, client cache for performance
- Incremental rollout with dual-mode support
TIMELINE: 22 weeks (~5.5 months)
- Added 4 weeks for NPC, Event, State integration
- Original: 18 weeks → Updated: 22 weeks (+22%)
All plans are complete, self-contained, actionable, and feature-focused.
Ready for team review and implementation.
2025-11-20 15:37:37 +00:00
Z. Cliffe Schreuders
1c391c9d78
feat: Add educational tool help files for security tools
...
Create comprehensive Ink dialogue files for five security tools:
- Kali Linux: Overview and getting started guide
- nmap: Port scanning and network discovery
- Metasploit: Finding and running exploits
- chmod: File permissions and usage
- nikto: Web vulnerability scanning
Each file provides interactive educational content with:
- Multiple topic branches for different aspects
- Practical examples and use cases
- Step-by-step instructions
- Security and ethical usage reminders
- Navigation between related topics
These files can be included in game scenarios to provide
contextual help to players learning security tools.
2025-11-19 18:26:14 +00:00
Z. Cliffe Schreuders
4c561836ca
fix: Clean up all game scenario files
...
- Remove ready_for_practice and challenge_tips sections
- Update encoding_encryption.ink header and start section
- Clean exploitation.ink and post_exploitation.ink references
- Ensure all files use consistent game narrative format
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
2bf225483c
fix: Clean up phishing_social_engineering.ink structure
...
- Remove all tracking variables except haxolottle_rapport
- Remove challenge_tips, ready_for_simulation, end_session sections
- Add commands_reference section
- Ensure consistent Haxolottle speaker throughout
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
3ccfe9d99a
feat: Update remaining game scenario files to Haxolottle dialogue
...
- exploitation.ink
- post_exploitation.ink
- phishing_social_engineering.ink
- encoding_encryption.ink
- feeling_blu_ctf.ink
All files now use consistent Haxolottle character and conversational tone
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
245a3314fa
feat: Update vulnerabilities_exploits.ink for game narrative - convert to Haxolottle dialogue
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
7225babaf0
feat: Update scanning.ink for game narrative - convert to Haxolottle dialogue
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
2cce9e245e
feat: Update malware_metasploit.ink for game narrative - convert to Haxolottle dialogue
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
dddabe54fe
feat: Update vulnerability_analysis.ink for game narrative - convert to Haxolottle dialogue
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
be497931de
feat: Create reusable tool explanations and update intro_linux for game narrative
...
- Add nmap_basics.ink, metasploit_basics.ink, netcat_basics.ink as reusable tools
- Completely rewrite intro_linux.ink:
- Remove all unnecessary tracking variables
- Change from 'Tech Instructor' to 'Haxolottle'
- Remove lab/training/exercise language
- Convert to helpful NPC offering to explain concepts
- Keep all technical content but make conversational
- Link to reusable tool files where appropriate
- Use proper ink patterns (hub structure, #exit_conversation)
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
e46d8544a2
feat: Create game scenarios directory with lab sheet copies and dead drop system
...
- Copy all lab sheets to game_scenarios/ for narrative conversion
- Add dead_drop_system.ink explaining ENTROPY's flag-based communication
- Prepare for converting educational labs into game challenges
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
c4d367020a
feat: Add GBL Feeling Blu CTF challenge lab sheet - completes Introducing Attacks category
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
a94a8e4b55
feat: Add GBL vulnerability assessment lab sheet
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
1a0539d432
feat: Add GBL post-exploitation techniques lab sheet
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
ab96da0731
feat: Add GBL exploitation techniques lab sheet
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
531a2499ae
feat: Add GBL information gathering and network scanning lab sheet
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
614f5f9fe9
feat: Add GBL vulnerabilities, exploits, and remote access payloads lab sheet
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
fbcc23b375
feat: Add GBL malware and Metasploit Framework lab sheet
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
6d271e1350
feat: Update GBL encoding and encryption lab sheet with corrected ink patterns
...
Improved version following ink best practices:
- Removed unnecessary tracking variables (ink handles choice visibility automatically)
- Uses hub structure with #exit_conversation
- Simplified dialogue flow
- Only tracks persistent state (instructor_rapport)
- Covers: encoding vs encryption, ASCII, hex, Base64, DES, AES, GPG, OpenSSL
- Commands reference and practical challenge tips included
Game-based learning replacement for traditional lab sheets.
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
433a5d6b1e
feat: Add GBL phishing and social engineering lab sheet
...
Converts cyber_security_landscape/3_phishing.md into interactive dialogue:
- Social Engineering Specialist NPC guides through human factors
- Hub structure covering: human factors, phishing basics, reconnaissance, email spoofing, malicious attachments, reverse shells
- Detailed explanations of macro creation, msfvenom payloads, and netcat
- Strong emphasis on ethical boundaries and authorized testing
- Attack workflow and challenge tips sections
- Progress tracking with ethical awareness flags
Educational content for authorized security testing only.
2025-11-19 18:24:26 +00:00
Z. Cliffe Schreuders
f081cf6712
feat: Add GBL Linux fundamentals lab sheet in ink format
...
Converts introducing_attacks/1_intro_linux.md into interactive dialogue:
- Tech Instructor NPC guides through Linux basics
- Hub structure for major topics: command-line, vi, piping, redirection, networking, SSH, Hydra
- Each topic has short explanations with deep-dive options
- Commands reference section
- Challenge tips for practical exercises
- Progress tracking and instructor rapport system
Game-based learning replacement for traditional lab sheets.
2025-11-19 18:24:25 +00:00
Z. Cliffe Schreuders
d0e27d69a1
docs: Add gameplay integration guide with Valley Memorial scenario example
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
dd70afca9f
docs: Update README with all 11 cell operations (complete)
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
f97302fe7f
feat: Add final 2 cell LORE fragments (AI Singularity and Crypto Anarchists)
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
96ceb2ffdd
feat: Add Ghost Protocol cell LORE fragment (Privacy Apocalypse data dump)
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
a499c5ee3f
feat: Add Supply Chain Saboteurs and Quantum Cabal LORE fragments
...
Created comprehensive operational reports for 2 more ENTROPY cells (total: 8 of 11):
7. Supply Chain Saboteurs - TRUSTED BUILD Post-Mortem (CELL_OP_SUPPLY_CHAIN_001):
- 18-month operation compromising enterprise software build pipeline
- Backdoor (SUNBEAM.dll) distributed to 12,847 organizations via trusted updates
- SolarWinds-style supply chain attack demonstration
- Discovered after 8 months, misattributed to nation-state actor
- Collateral damage: Developer-14 fired, CloudManage lost $2B, software update trust destroyed
- Copycat attacks likely (techniques now public)
- Cell refuses Phase 3: "Supply chain attacks cannot be safely constrained"
- Trojan Horse's realization: Lost control, broke trust irreversibly
8. Quantum Cabal - Tesseract Experiment Lab Notes (CELL_OP_QUANTUM_CABAL_001):
- Experiment QC-47 "Dimensional Interface Protocol" (Jan-Feb 2024)
- Blends legitimate quantum computing with Lovecraftian cosmic horror
- Real science: Quantum entanglement, QKD, superconducting qubits
- Anomalous results: Room temperature quantum coherence (violates physics)
- Non-random measurement patterns, mathematical proofs from unknown source
- Psychological casualties: Dr. Park (whispers, medical leave), Dr. Sharma (resigned)
- Dr. Kowalski decoded proof of "quantum consciousness"
- Dr. Cross (Singularity) insists experiments continue despite trauma
- Ambiguous conclusion: New physics? Collective delusion? Actual contact?
- Recommendation: Terminate research, some doors should stay closed
Key Themes:
- Supply Chain: Most successful operation becomes most ethically disastrous
- Supply Chain: Lost control of complex attack, trust erosion irreversible
- Quantum Cabal: Unique tone blending serious science with cosmic horror
- Quantum Cabal: Uncertainty is the horror—unclear what's real
- Both cells show fracturing: Members resign/medical leave, refuse Phase 3
- Pattern continues: ENTROPY operations cause uncontrollable consequences
Educational Value:
- Supply Chain: Software build security, SolarWinds-style attacks, trust models
- Supply Chain: Supply chain attack cascading consequences and replication
- Quantum Cabal: Quantum computing, quantum cryptography (all accurate science)
- Quantum Cabal: Observer bias, frontier research ethics, pseudoscience vs breakthrough
- Both maintain high educational rigor while exploring ethical complexity
Narrative Innovation:
- Supply Chain: Post-mortem format shows reflection after disaster
- Quantum Cabal: Lab notes format, ambiguous "horror" without clear conclusion
- Quantum Cabal: First cell where threat isn't clearly defined (existential uncertainty)
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
8a93e07afc
feat: Add 3 more cell-specific LORE fragments (Ransomware Inc, Zero Day, Social Fabric)
...
Added comprehensive operational reports for 3 additional ENTROPY cells (total: 6 of 11):
4. Ransomware Incorporated - Healthcare Ethics Review (CELL_OP_RANSOMWARE_INC_001):
- Q3 2024: 8 healthcare ransomware deployments
- Detailed 3-tier system (Tier 1: NEVER encrypt life-critical systems)
- Valley Memorial Hospital near-death incident (14-min ICU monitoring gap, patient blood pressure drop)
- Kill switch activation prevented death (auto-decrypt in 8 minutes)
- 48-hour auto-decryption prevents permanent damage
- Cipher King's profound moral crisis ("One death makes us murderers")
- Measurable impact: Drove $47M security investment across healthcare
- Phase 3 status: Uncertain participation due to Valley Memorial trauma
5. Zero Day Syndicate - Vulnerability Research Report (CELL_OP_ZERO_DAY_001):
- Q3 2024: 12 vulnerabilities discovered (7 critical, 5 high severity)
- Epic EHR disclosed responsibly (protected 250M patient records)
- SCADA vulnerabilities retained for Phase 3 (enabled Critical Mass)
- $15M dark web value rejected (ideology over profit)
- Disclosure dilemma: Protect users vs. demonstrate insecurity
- Prophet's moral ledger: Epic disclosure protected patients, but SCADA weaponization enabled Valley Memorial
- 8 zero-days reserved for Phase 3, immediate disclosure after
- Dead man's switch for auto-disclosure if compromised
6. Social Fabric - Polarization Campaign Analysis (CELL_OP_SOCIAL_FABRIC_001):
- Operation FRACTURED TRUST (April-Sept 2024)
- 627 fake personas, 47M impressions, 12 narratives reached mainstream media
- Measurable harm: Community trust ↓22%, polarization ↑38% in test counties
- Real victims: 2 candidates harassed off campaigns, communities damaged
- Psychological toll: 3 member resignations, substance abuse, depression
- Dissonance's complete ethical collapse: "We've become indistinguishable from the enemy"
- Cell REFUSES Phase 3 participation (vote: 8-2 against)
- Leader resigns: "Some problems can't be demonstrated without becoming the problem"
Key Themes Across All 6 Fragments:
- Ethical complexity and genuine moral doubt from all cell leaders
- Safeguards exist but can fail (Valley Memorial proves this)
- Internal dissent and fracturing (2 cells refuse/question Phase 3)
- Measurable real-world impact (both positive reform and negative harm)
- Psychological toll on operators (resignations, moral distress)
- Financial sacrifice for ideology ($15M+ foregone for beliefs)
Updated README:
- Fragment count: 3 → 6 (6 of 11 cells complete)
- Added 3 new cell summaries with player value
- Updated Phase 3 integration (shows cell refusals and doubts)
- Updated recommended reading order (1-6 with progression)
- Revised future additions (5 cells remaining)
Educational Value:
- Ransomware Inc: Healthcare cybersecurity, ethical attack constraints, risk assessment
- Zero Day: Vulnerability disclosure ethics, bug bounty economics, researcher responsibility
- Social Fabric: Information operations, algorithmic manipulation, psychological warfare ethics
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
8f37b949c1
feat: Add cell-specific LORE fragments for Critical Mass, Digital Vanguard, and Insider Threat Initiative
...
Created detailed operational reports from three key ENTROPY cells:
1. Critical Mass - Grid Reconnaissance (CELL_OP_CRITICAL_MASS_001):
- 847 SCADA systems compromised with Equilibrium.dll
- 5 insider assets detailed (Switchboard, Kilowatt, Voltage, Megawatt, Blackbox)
- Hospital/emergency bypass lists (ethical constraints)
- Phase 3 readiness at 95%
- Shows Blackout's moral struggle with potential casualties
2. Digital Vanguard - Paradigm Shift Q3 Report (CELL_OP_DIGITAL_VANGUARD_001):
- Legitimate consulting front ($847K revenue)
- 10 operations (8 successful, 2 failed)
- Intelligence hub for other cells
- 4 corporate insider assets
- Shows Morpheus questioning ethics of trust exploitation
3. Insider Threat Initiative - Deep State Operation (CELL_OP_INSIDER_THREAT_001):
- 47 government placements (DOE, CISA, FBI, NSA, FERC, etc.)
- 10-year infiltration operation (2018-2028)
- Detailed recruitment and vetting processes
- Polygraph countermeasures (ideological true believers)
- Shows Raven's responsibility for recruited civil servants
Features:
- Cross-cell intelligence sharing patterns
- Phase 3 integration and coordination
- Ethical complexity and moral doubt from cell leaders
- Professional competence and OPSEC discipline
- Educational CyBOK alignment (SCADA security, insider threats, social engineering)
- Gameplay integration notes
All fragments align with universe bible 11-cell structure.
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
a8135d3703
fix: Update ENTROPY LORE to align with universe bible 11-cell structure
...
- Remove inconsistent 5-cell (ALPHA/BETA/GAMMA/DELTA/EPSILON) structure
- Update all organizational LORE to reference 11 established cells:
* Digital Vanguard, Critical Mass, Quantum Cabal
* Zero Day Syndicate, Social Fabric, Ghost Protocol
* Ransomware Incorporated, Supply Chain Saboteurs
* Insider Threat Initiative, AI Singularity, Crypto Anarchists
Changes:
- STRAT_001: Add postscript explaining evolution from 5 to 11 cells
- TECH_TOOL_001: Update to reference Critical Mass (not DELTA)
- ENTROPY_PERSONNEL_001: Update Cascade to match Critical Mass member Dr. Sarah Winters
- ENTROPY_OPS_001: Update to reference Digital Vanguard and Insider Threat Initiative
- ENTROPY_HISTORY_001: Note early cell evolution to specialized structure
- PROTO_CELL_001: Remove specific cell designation examples
- TRAIN_RECRUIT_001/TRAIN_OPSEC_001: Remove cell-specific references
- README_ORGANIZATIONAL_LORE: Remove OPCOM_001, update all references
Deletions:
- OPCOM_001: Removed Phase 3 coordination doc (inconsistent with universe bible)
This brings all organizational LORE into consistency with established universe bible.
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
a75fb6c110
feat: Add ENTROPY organizational LORE fragments revealing internal operations
...
Created 7 comprehensive internal ENTROPY documents organized into 5 categories, providing deep insight into the organization's structure, methods, philosophy, and operations.
## New Fragment Categories:
### 1. Training Materials (2 fragments)
**TRAIN_RECRUIT_001: Asset Recruitment Fundamentals**
- Complete recruitment methodology manual (3.2, June 2024)
- Four vulnerability categories: Financial (75% success), Ideological (45%), Personal (60%), Career (35%)
- Seven-stage progressive commitment (Week 1: innocent contact → Week 10: full operational)
- Target organization prioritization (Tier 1: Critical infrastructure, Tier 2: Fortune 500, Tier 3: SMB)
- OPSEC protocols for recruiters (cover identity, surveillance detection, compartmentalization)
- Case studies: NIGHTINGALE (success - Sarah Martinez), CARDINAL (failure - security researcher)
- Ethical considerations from The Architect
- **Educational Value:** Social engineering, insider threat vectors, recruitment psychology
**TRAIN_OPSEC_001: Handler Operational Security**
- Golden Rules: You Don't Exist, Trust Is Liability, Assume Surveillance, Compartmentalization Is Sacred
- Handler identity management (codenames, separate devices, digital hygiene)
- Asset communication protocols (Signal for coordination, dead drops for intel, in-person rare)
- Surveillance Detection Routes (SDR) - 60-90min before every meeting
- Payment security (cryptocurrency preferred, cash acceptable, wire transfer avoid)
- Counter-intelligence awareness (detecting flipped assets)
- Capture protocols: "I want a lawyer" (repeat indefinitely)
- Burnout recognition and exit procedures
- **Educational Value:** Covert operations tradecraft, OPSEC principles, countersurveillance
### 2. Operational Communications (1 fragment)
**OPCOM_001: Phase 3 Cell Coordination**
- The Architect's final coordination message (June 28, 2025, T-minus 17 days)
- Recipients: All 5 cell leaders (ALPHA_PRIME through EPSILON_PRIME)
- Cell-specific target assignments:
- **ALPHA**: Financial systems (banks, stock exchange, cryptocurrency)
- **BETA**: Healthcare (EHR, medical devices, insurance - life-safety protected)
- **GAMMA**: Telecommunications (ISP routing, mobile data, DNS)
- **DELTA**: Energy grid (SCADA, load balancing, brownouts not blackouts)
- **EPSILON**: Transportation/Logistics (airlines, freight, transit)
- Operational timeline: July 15, 2025, 00:00-14:00 EST (staggered activation)
- Abort criteria: Life safety risk, operational compromise, strategic conditions violated
- Success definition: 40% minimum, 70% target, 100% optimal
- Strategic restraints: Zero casualties, reversible damage, 72-hour window
- **Reveals:** Complete Phase 3 plan, coordination between cells, specific targets
### 3. Cell Protocols (1 fragment)
**PROTO_CELL_001: Cell Structure and Operations**
- Cell hierarchy: Architect → Cell Leaders → Handlers → Technical Specialists → Support Roles
- Typical cell size: 8-15 members (1 leader, 3-5 handlers, 2-3 technical, 2-4 support)
- Cell budget: $500K-$1.5M annually (60% asset payments, 15% equipment, 15% infrastructure, 10% stipends)
- Weekly operational meetings (rotating safe houses, 90min, phones in Faraday bags)
- Burn protocols: Level 1 (individual), Level 2 (cell), Level 3 (network)
- Target selection criteria (centralized systems, avoid small business/life-safety)
- Asset management (recruitment, tasking, payment, termination)
- Inter-cell communication (prohibited except through Architect)
- **Educational Value:** Covert organization structure, compartmentalization, operational security
### 4. Strategic Planning (1 fragment)
**STRAT_001: Ten-Year Vision (2015-2025)**
- Original October 2015 strategic document by The Architect
- Updated January 2023 with postscript for cell leaders
- **Phase 1 (2015-2018)**: Foundation - Build capabilities, recruit founding members
- Goal: 15-20 members across 3 cells, initial tooling
- Status: EXCEEDED (5 cells, 60+ members, advanced tools)
- **Phase 2 (2018-2022)**: Expansion - Scale operations, recruit 100+ assets
- Goal: 5 cells, 100+ assets in critical infrastructure, 20-30 operations
- Status: ACHIEVED (Equilibrium.dll on 800+ systems, 25 successful operations)
- **Phase 3 (2023-2025)**: Demonstration - Coordinated multi-sector disruption
- Activation: July 15, 2025
- Goal: Demonstrate infrastructure fragility at scale
- **Phase 4 (2025-2030)**: Options post-Phase 3 (Dissolve, Continue, Go Public, Pivot to Defense)
- Strategic philosophy: Why 10 years? Why constraints? Why anonymity?
- Risk assessment: Operational, strategic, organizational, moral failures
- **Proves:** Everything was intentional, strategic, part of coherent long-term vision
### 5. Technical Documentation (1 fragment)
**TECH_TOOL_001: Equilibrium.dll Documentation**
- SCADA backdoor malware for power grid load manipulation
- Deployment: 847 systems across 47 power utilities (April 2024)
- Attack vector: DLL side-loading (version.dll proxy in Siemens WinCC)
- Functionality: Intercept load balancing commands, create rolling brownouts
- C2 infrastructure: Domain fronting via CloudFlare (maintenance-updates.scada-systems.com)
- Anti-detection: AV evasion, SIEM evasion, mimics Windows Update traffic
- Bypass lists (ABSOLUTE): Hospitals, emergency services, critical infrastructure (never affected)
- Phase 3 activation: July 15, 2025, 06:00 EST
- Constraints: Max 2-hour brownout per zone, equipment protection maintained, remote kill switch
- Self-destruct: July 20, 2025 (delete all traces)
- **Educational Value:** SCADA vulnerabilities, DLL side-loading, C2 infrastructure, ethical constraints in malware
### 6. Ideology (1 fragment)
**IDEOLOGY_001: On Inevitability Manifesto**
- The Architect's philosophical treatise (March 2016, updated January 2023)
- **Chapter 1**: Entropy and Systems - Thermodynamics, fragility of centralization
- **Chapter 2**: The Illusion of Security - Security theater vs. actual security
- **Chapter 3**: Why We Are Not Terrorists - Constraints, no violence, no demands
- Zero casualties requirement, reversible damage, institutional targets, no political demands
- **Chapter 4**: The Moral Calculus - Utilitarianism (justified), Deontology (unjustified), Virtue Ethics (depends on execution)
- **Chapter 5**: What Comes After - 3 scenarios (Society learns, ignores, overreacts)
- **Chapter 6**: To Those Who Join - What members are signing up for (prison risk, moral weight, stress)
- The Architect's 2023 postscript: Doubt is constant, but conviction remains
- **Reveals:** ENTROPY's genuine ideological motivation, ethical struggles, principled approach (even if misguided)
### 7. README Documentation
**README_ORGANIZATIONAL_LORE.md**
- Comprehensive guide to all 7 organizational fragments
- Discovery and player integration recommendations
- Cross-references (internal ENTROPY docs, existing LORE fragments, evidence templates)
- Educational value mapped to CyBOK domains
- Fragment statistics (50,000 words total)
- Narrative themes (complexity, fragility/resilience, means/ends, human cost)
- Usage guidelines for game developers
- Recommended discovery order for progressive revelation
## Organizational Structure Revealed:
**ENTROPY Network:**
- 5 operational cells: ALPHA, BETA, GAMMA, DELTA, EPSILON
- Each cell: 8-15 members
- 60+ total members, 120+ recruited assets
- Centralized leadership: The Architect
- Distributed operations: Cell autonomy within strategic framework
**Operational Capabilities:**
- Asset recruitment (4 vulnerability types, proven methods)
- Infrastructure compromise (financial, healthcare, telecom, energy, transportation)
- Advanced malware (Equilibrium.dll + others referenced)
- Secure communications (Signal, dead drops, PGP)
- Financial infrastructure (cryptocurrency, shell companies)
**Ethical Framework:**
- Zero casualty constraint (absolute requirement)
- Reversible damage only (72-hour demonstration window)
- Institutional targets (not individuals)
- Bypass lists for life-safety systems
- Members can exit safely
## Cross-References:
**Links to existing LORE:**
- Sarah Martinez = NIGHTINGALE case study in TRAIN_RECRUIT_001
- Operation Glass House = references in multiple training docs
- Phase 3 directive = expanded detail in OPCOM_001
- The Architect's philosophy = IDEOLOGY_001 manifesto
**Links to evidence templates:**
- TEMPLATE_001-006 identify specific assets
- Organizational LORE shows recruitment and management methods
- Combined: Complete picture of ENTROPY operations
## Educational Value (CyBOK):
**Training Materials:**
- Social engineering principles and insider threat recruitment
- Operational security for covert activities
- Psychological profiling and vulnerability exploitation
**Operational Communications:**
- Critical infrastructure protection priorities
- Coordinated attack response
- Multi-sector incident coordination
**Cell Protocols:**
- Organizational compartmentalization
- Covert communication methods
- Counterintelligence awareness
**Strategic Planning:**
- Long-term adversary planning
- Strategic vs. tactical threat analysis
- Risk assessment methodologies
**Technical Documentation:**
- SCADA security vulnerabilities
- Malware analysis (DLL side-loading, C2 infrastructure)
- Anti-forensics and detection evasion
**Ideology:**
- Threat actor psychology and motivation
- Hacktivism vs. terrorism distinctions
- Ethical hacking debates
## Gameplay Integration:
**Progressive Revelation:**
- Early: Training materials, cell protocols (structure)
- Mid: Operational comms, technical docs (capabilities)
- Late: Strategic planning, ideology (philosophy)
**Mission Design:**
- Phase 3 deadline creates urgency (July 15, 2025)
- Cell targets enable focused counter-ops
- Technical docs provide defensive intelligence
**Moral Complexity:**
- ENTROPY presented as principled antagonists
- Genuine ideological motivation (not pure malice)
- Ethical constraints (zero casualties, reversible damage)
- Players must grapple: Are they entirely wrong?
All fragments maintain narrative consistency, educational alignment with CyBOK security domains, and interconnected storytelling across the ENTROPY universe.
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
2929bdb322
feat: Add TEMPLATE_006 (Message Logs) and comprehensive template documentation
...
Created Template 006 for encrypted messaging app evidence (Signal/Wickr) showing ENTROPY handler-asset communications, plus comprehensive README documentation for the entire template system.
## New Files:
### TEMPLATE_AGENT_ID_006_message_logs.md
- **Evidence Type:** Signal/Wickr encrypted messaging app logs
- **Key Feature:** Handler uses subject's REAL NAME 8 times in operational comms
- **Direct Identity Confirmation:** Definitive proof of NPC as ENTROPY asset
- **Evidence Strength:** 75% alone → 99% combined with other templates
- **High Cooperation Potential:** 85% base (subject wants out, shows coercion)
**5 Message Threads Included:**
1. Initial Tasking - Handler assigns data theft, uses real name
2. Operational Concerns - Subject worried, handler reassures
3. Coordination with Cell - Payment confirmed, second asset mentioned
4. Internal ENTROPY Comms - Handler briefs cell leader, confirms recruitment method
5. Escalation and Pressure - Subject wants out, handler threatens and coerces
**What Makes This Template Unique:**
- Only template with direct real name confirmation via ENTROPY internal comms
- Shows subject is KNOWN ENTITY within ENTROPY organization
- Reveals handler's OPSEC failure (using real names)
- Documents coercion and victimization (subject tried to quit)
- Provides intelligence beyond subject: handler contact, cell structure, operations
- Creates moral complexity: perpetrator who is also victim
**Substitution Variables (17 total):**
- [SUBJECT_NAME], [SUBJECT_CODENAME], [HANDLER_CODENAME]
- [CELL_DESIGNATION], [OPERATION_NAME]
- [HANDLER_PHONE], [SUBJECT_PHONE]
- [TARGET_ORGANIZATION], [DATA_TYPE], [SYSTEM_NAME]
- [AMOUNT], [MEETING_LOCATION], [DEADLINE_DATE]
- [DATE_1] through [DATE_5], [TIME_1] through [TIME_5]
- [PRESSURE_DETAIL], [SUBJECT_CONCERN]
- [SECOND_ASSET_CODENAME], [CELL_LEADER_CODENAME]
**Gameplay Integration:**
- Discovery: RARE (server compromise or handler device seizure)
- Unlocks: Handler arrest, second asset ID, cell mapping
- Interrogation approaches: Overwhelming evidence (85%), Empathetic victim-focused (90%), Strategic flip (90%)
- Intelligence yield: Cell structure, handler contact, dead drops, payment methods
**Educational Value (CyBOK):**
- Encrypted messaging security & limitations
- OPSEC failures in operational communications
- Mobile device forensics
- Digital evidence authentication
- Insider threat psychology and coercion tactics
- Counterintelligence and asset flipping
### README.md (Comprehensive Template System Guide)
- **Purpose:** Complete documentation for using all 6 evidence templates
- **Sections:** Quick start, substitution guide, best practices, examples
**Key Content:**
- Quick Start Guide (4 steps: Choose templates → Gather values → Substitute → Deploy)
- Complete 6-template overview with summaries
- **Complete Substitution Variable Reference Table:**
- Core Identity (3 variables - used in ALL templates)
- ENTROPY Operational (7 variables)
- Financial (4 variables)
- Technical/System (3 variables)
- Communication (3 variables)
- Location (3 variables)
- Temporal (5 variables)
- Contextual (4 variables)
- Evidence Combination Strategies (5 strategic paths)
- Interrogation Approaches by Evidence Collected (clear unlocks)
- Best Practices (DO/DON'T lists)
- Rarity and Discovery Recommendations (progression table)
- Success Metrics and Gameplay Impact (evidence count → outcomes)
- Customization Examples (3 complete NPC scenarios with all substitutions)
- Educational Value Summary (CyBOK alignment)
- Quick Reference Checklist
**DO/DON'T Best Practices:**
✓ Replace ALL placeholders
✓ Keep values consistent across templates for same NPC
✓ Match timeline chronologically
✓ Consider cooperation potential
✗ Don't leave [BRACKETS] in final version
✗ Don't require 100% collection
✗ Don't over-punish coerced NPCs
## Updated Files:
### TEMPLATE_CATALOG.md
- Updated template count: 5 → 6
- Updated section title: "The Five Evidence Templates" → "The Six Evidence Templates"
- Added complete Template 006 entry with:
- Full substitution variable list (17 variables)
- Message thread summaries
- Real name usage pattern analysis
- 9 red flags documented
- Evidence strength progression
- Gameplay integration details
- Forensic & legal assessment
- Cross-references to other templates
- Discovery scenarios and timing
- Updated Evidence Chain diagram to include Message Logs
- Updated Confidence Thresholds table: Added 6-template row (99.9% confidence, 95% cooperation)
- Added 2 new combination strategies:
- "Real Name Confirmation + High Cooperation" (Templates 006 + 005 + 002 = 99%, 95% cooperation)
- "Complete Cell Mapping" (Templates 006 + 004 + 002 + 003 = 99.9%, enables handler arrest)
- Added Template 006 to Discovery Placement Recommendations (Very Hard, Late investigation)
- Updated Expansion Opportunities: Renumbered future templates 007-011 (was 006-010)
- Updated Version History: Added v2.0 entry
- Updated Quick Reference Card: Added Template 006 with ⭐ NEW marker
## System Impact:
**Template System v2.0:**
- Total Templates: 6 (was 5)
- Total Substitution Variables: 32+ unique placeholders
- Evidence Chain: 6-step progression from suspicion → definitive proof
- Maximum Confidence: 99.9% (all 6 templates)
- Cooperation Range: 50% (1 template) → 95% (all 6 with empathetic approach)
**New Capabilities:**
- Direct real name confirmation via ENTROPY internal comms
- Handler identification and arrest enablement
- Cell structure mapping
- Second asset discovery at same organization
- Coercion documentation for cooperation agreements
- Highest cooperation potential (85-95%)
**Documentation Completeness:**
- Quick start guide for new users
- Complete variable reference (32+ variables documented)
- 5 evidence combination strategies
- 8 interrogation approach unlocks
- 3 complete NPC customization examples
- Educational value mapped to CyBOK
## Integration Notes:
**Template 006 Cross-References:**
- Corroborates Template 002 (payment amounts match message discussions)
- Corroborates Template 003 (data extraction dates align with tasking)
- Corroborates Template 004 (dead drop timing/location matches messages)
- Corroborates Template 005 (emotional arc: trapped, wants out)
- Connects to RECRUITMENT_001 (financial pressure methodology)
- Connects to TACTICAL_001 (if operation is infrastructure attack)
- Connects to LEVERAGE_001 (pressure detail as leverage point)
**Recommended Discovery:**
- Rarity: RARE (Very Hard)
- Timing: Late game (Mid-game for major operation rewards)
- Prerequisites: Server compromise OR handler device seizure
- Value: Very High (real name confirmation + handler intel + cell mapping)
All templates maintain narrative consistency, CyBOK educational alignment, and infinite reusability through [PLACEHOLDER] substitution system.
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
b5d3ee33c4
feat: Add reusable evidence template system for ENTROPY agent identification
...
Created 5 comprehensive evidence templates with [PLACEHOLDER] substitution system that enable infinite NPC agent identification across scenarios.
## New Files:
- TEMPLATE_AGENT_ID_001_encrypted_comms.md
* Intercepted PGP-encrypted communications
* 40% confidence alone, 90% combined
* Red flags: Policy violations, ProtonMail, after-hours timing
- TEMPLATE_AGENT_ID_002_financial_records.md
* Bank transactions & cryptocurrency forensics
* 60% confidence alone, 98% combined
* Red flags: Unexplained cash, ENTROPY wallet, shell companies
- TEMPLATE_AGENT_ID_003_access_logs.md
* IT audit showing unauthorized system access
* 70% confidence alone, 98% combined
* Documents 5 incidents: Reconnaissance → Exfiltration → Cover-up
- TEMPLATE_AGENT_ID_004_surveillance_photos.md
* 14-day surveillance op with 7 photo scenarios
* 50% confidence alone, 95% combined
* Handler identification, dead drops, countersurveillance
- TEMPLATE_AGENT_ID_005_physical_evidence.md
* Handwritten 3-page emotional confession
* 80% confidence alone, 99.9% combined
* Enables 95-98% cooperation through empathetic approach
* Arc: Willing participant → Trapped → Desperate for help
- TEMPLATE_CATALOG.md
* Complete template system documentation
* Substitution guide & best practices
* Evidence chain methodology
* Integration strategies & success metrics
## Template System Features:
- [PLACEHOLDER] format for runtime substitution
- Evidence chain: Single evidence (40-80%) → All 5 (99.9%)
- Cooperation likelihood scales with evidence quality
- Multiple interrogation approaches unlocked by different combinations
- Infinite reusability across NPCs and scenarios
## Integration:
- Updated GAMEPLAY_CATALOG.md with template section
- Evidence Prosecution category expanded from 1 to 6 fragments
- Total gameplay-focused fragments: 13 (8 unique + 5 templates)
- Templates work standalone or combine for overwhelming cases
## Educational Value (CyBOK):
- Digital forensics (email analysis, blockchain tracing)
- Insider threat detection (behavioral indicators)
- Investigation methodology (evidence corroboration)
- Legal process (admissibility, chain of custody)
- Psychological profiling & ethical interrogation
## Gameplay Impact:
Each template enables different player actions and unlocks specific interrogation approaches based on evidence collected. System designed to reward thorough investigation while not requiring 100% collection for success.
2025-11-19 17:43:15 +00:00
Z. Cliffe Schreuders
56b0b654f1
feat: Add gameplay-function LORE fragments with mission integration
...
Created 8 gameplay-focused LORE fragments organized by what players
can DO with the information, not just narrative content. Each fragment
enables specific mission objectives, player choices, and success metrics.
**Organization by Gameplay Function:**
📋 Evidence Prosecution (1 fragment):
- ALPHA_07 criminal conspiracy communication
- Enables: Federal prosecution, arrest warrants, 95% conviction rate
- Unlocks: Protection for Sarah Martinez, tactical arrests
🎯 Tactical Intelligence (1 fragment):
- 48-hour countdown to power grid attack
- Enables: Time-pressure mission, 3 tactical approaches
- Unlocks: Grid defense, prevents Phase 3 backdoor installation
- Branching: Hard takedown / Insider flip / Extended surveillance
💰 Financial Forensics (1 fragment):
- Complete crypto trail from Sarah's payment to master wallet
- Enables: $8.2M asset seizure, funding disruption
- Unlocks: The Architect identity clues, shell company network
- Impact: -60% ENTROPY operational capacity if successful
🎣 Recruitment Vectors (1 fragment):
- ENTROPY's internal asset recruitment playbook
- Enables: Prevention programs, counter-recruitment, sting ops
- Unlocks: At-risk employee identification, pipeline disruption
- Impact: -30% to -50% future insider threats
🔓 Technical Vulnerabilities (1 fragment):
- SCADA zero-day Equilibrium.dll complete analysis
- Enables: Detection scripts, patch deployment, infrastructure hardening
- Unlocks: Grid protection before Phase 3, honeypot strategies
- Success metric: 100% patched = no Phase 3 grid failures
📍 Asset Identification (1 fragment):
- Complete surveillance package on 3 CELL_DELTA_09 subjects
- Enables: Coordinated arrests, tactical planning, insider cooperation
- Unlocks: Robert Chen flip opportunity, optimized approach
- Success: 85-95% based on intel collected
👥 Victim Testimony (1 fragment):
- Hospital administrator emotional testimony (patient death from ransomware)
- Enables: Emotional investment, motivation, dialog options
- Unlocks: Moral context, interrogation appeals, "Remember Why We Fight"
- Impact: Player engagement, meaningful success/failure consequences
🔄 Leverage Materials (1 fragment):
- Cascade's mother cancer treatment leverage analysis
- Enables: Operative turning, 4 distinct ethical approaches
- Unlocks: CELL_BETA complete intelligence, redemption arc
- Choices: Compassionate (85% success) / Manipulative (45%) /
Ethical refusal / Anonymous help
**Key Integration Features:**
Mission-Critical Intel:
- TACTICAL_001 triggers 48-hour countdown mission
- ASSET_ID_001 required for optimal tactical planning
- TECHNICAL_001 enables infrastructure protection
- All fragments improve success probability measurably
Branching Player Choices:
- Evidence: Prosecution vs. plea deals
- Tactical: 3 arrest strategies with different risk/reward
- Financial: Seizure priorities and timing
- Recruitment: Prevention vs. counter-recruitment vs. sting
- Technical: Patch race vs. honeypot vs. shutdown
- Leverage: Compassion vs. manipulation vs. ethical stance
Cross-Fragment Integration:
- Operation Glass House appears across 5 functions
- Power Grid Attack requires 3 fragments for optimal success
- The Architect identity clues scattered across all functions
- Success metrics compound (more intel = better outcomes)
Educational Value:
- All fragments teach CyBOK-aligned security concepts
- Real-world attack methodologies and defenses
- Legal, technical, financial, and human factors
- Ethical considerations in security operations
**Gameplay Catalog:**
Complete cross-reference system showing:
- Fragment interconnections and mission integration
- Success probability calculations
- Branching path outcomes
- Player progression through game
- Design principles for future fragments
Each fragment answers "What can I DO with this?" rather than
just "What does this tell me?" - making LORE collection
functionally valuable, not just completionist.
See story_design/lore_fragments/by_gameplay_function/GAMEPLAY_CATALOG.md
for complete integration guide and mission design examples.
2025-11-19 17:43:15 +00:00
