mirror of
https://github.com/cliffe/BreakEscape.git
synced 2026-02-21 11:18:08 +00:00
25e71eb74e
Created comprehensive 3-act structure for 'Insider Trading' investigation mission:
ACT 1: THE CORPORATE INFILTRATION (20-25 min)
- Arrival at Quantum Dynamics as security consultant
- Meet CSO Patricia Morgan, receive investigation brief
- Review security logs, narrow 8 suspects to 3
- First NPC interactions (Lisa Rodriguez provides Torres background)
- Discovery of Bludit server (Torres' personal blog = ENTROPY comms)
ACT 2: THE INVESTIGATION (35-45 min)
- VM Challenge: Bludit CMS exploitation (CVE-2019-16113)
* Flag 1: Recruitment timeline, $45K payments received
* Flag 2: Digital Vanguard server IPs, exfiltration proof
* Flag 3: File manifest (3.1 TB / 4.2 TB stolen)
* Flag 4: The Architect's approval message (foreign sales)
- Employee interviews: Chen, Park, Johnson, Kevin (eliminate red herrings)
- Physical evidence: Medical bills, Torres' journal, encrypted USB
- Evidence correlation: Overwhelming proof Torres is insider
- Moral complexity established: Sympathetic motivation (Elena's cancer)
ACT 3: THE CONFRONTATION & CHOICE (15-20 min)
- Confront Torres with evidence (approach varies by player)
- Reveal ENTROPY's deception ('journalists' = Chinese MSS/Russian GRU)
- Torres' breakdown: Realizes 12-40 intelligence officers will die
- CRITICAL CHOICE (4 distinct paths):
* A. Turn Torres into double agent (family saved, ongoing intel for M6-M10)
* B. Arrest Torres (justice, Elena dies, children orphaned, limited intel)
* C. Sympathetic release (family escapes, player misconduct, partial failure)
* D. Public exposure (ENTROPY disrupted, Quantum Dynamics destroyed, 450 jobs lost)
- Prevent final data exfiltration (varies by choice)
- Secure remaining Project Heisenberg data
CLOSING DEBRIEF (5-7 min)
- Tracks ACTUAL player actions (60+ variables)
- NO vague 'approach' labels, only specific discoveries
- Choice consequences revealed (Elena's fate, Torres' cooperation, ENTROPY network)
- ENTROPY business model revealed: Criminal corporation with SLAs
* Insider Threat Initiative: Talent acquisition ($15K per placement)
* Digital Vanguard: Technical analysis infrastructure
* Zero Day Syndicate: Weaponization and sales
* Crypto Anarchists: Payment processing
- HashChain Exchange foreshadowed (sets up M6)
- The Architect pattern: 4th mention across campaign
CONCRETE STAKES ESTABLISHED:
- Operation Schrödinger: 4.2 TB quantum cryptography theft
- 12-40 intelligence officers will die if data reaches foreign governments
- Elena Torres: Stage 3 cancer, $380K treatment, 60% survival with treatment
- Children: Sofia (11), Miguel (8) - family photos/drawings shown
- $45-70 million ENTROPY revenue from foreign sales
- 450 Quantum Dynamics employees (jobs at risk)
MORAL COMPLEXITY:
- Torres is sympathetic: Desperate to save wife, manipulated by ENTROPY
- Journal shows moral descent (8 months of gradual compromise)
- No 'right' answer: All choices have severe consequences
- Family vs. national security, justice vs. mercy, transparency vs. secrecy
CAMPAIGN INTEGRATION:
- If Torres turned: Intelligence asset through M10 finale
- 22 other Insider Threat Initiative placements revealed
- Links M4 (infrastructure attacks) to M6 (crypto tracking)
- Task Force Null investigation advances
Document includes complete variable tracking system (60+ variables),
detailed beat-by-beat structure, and specific implementation notes.
Ready for Stage 2: Atmosphere & Environment Design.
BreakEscape Rails Engine
Cybersecurity training escape room game as a mountable Rails Engine.
Features
- 24+ cybersecurity escape room scenarios
- Server-side progress tracking with 2-table schema
- Randomized passwords per game instance via ERB
- JIT Ink script compilation for NPC dialogue
- Polymorphic player support (User/DemoUser)
- Pundit authorization
- RESTful API for game state management
- Session-based state persistence
Installation
In your Gemfile:
gem 'break_escape', path: 'path/to/break_escape'
Then:
bundle install
rails break_escape:install:migrations
rails db:migrate
rails db:seed # Optional: creates missions from scenarios
Mounting in Host App
In your config/routes.rb:
mount BreakEscape::Engine => "/break_escape"
Usage
Standalone Mode (Development)
export BREAK_ESCAPE_STANDALONE=true
rails server
# Visit http://localhost:3000/break_escape/
Mounted Mode (Production)
Mount in Hacktivity or another Rails app. The engine will use the host app's current_user via Devise.
Configuration
# config/initializers/break_escape.rb
BreakEscape.configure do |config|
config.standalone_mode = false # true for development
config.demo_user_handle = 'demo_player'
end
Database Schema
break_escape_missions- Scenario metadata (name, display_name, published, difficulty)break_escape_games- Player state + scenario snapshot (JSONB)break_escape_demo_users- Standalone mode only (optional)
API Endpoints
GET /games/:id/scenario- Scenario JSON (ERB-generated)GET /games/:id/ink?npc=X- NPC script (JIT compiled from .ink)GET /games/:id/bootstrap- Initial game dataPUT /games/:id/sync_state- Sync player statePOST /games/:id/unlock- Validate unlock attemptPOST /games/:id/inventory- Update inventory
Architecture
ERB Scenario Generation
Scenarios are stored as .json.erb templates and rendered on-demand with randomized values:
<%= random_password %>- Generates unique password per game<%= random_pin %>- Generates unique 4-digit PIN<%= random_code %>- Generates unique hex code
JIT Ink Compilation
NPC dialogue scripts compile on first request (~300ms):
- Check if
.jsonexists and is newer than.ink - If needed, run
inklecateto compile - Cache compiled JSON for subsequent requests
State Management
Player state stored in JSONB column:
- Current room and unlocked rooms
- Inventory and collected items
- NPC encounters
- Global variables (synced with client)
- Health and minigame state
Testing
rails test
License
AGPL v3 - See LICENSE file for details
Documentation
See HACKTIVITY_INTEGRATION.md for integration guide.