# 2025 Summer Challenge: OCInception

31/07/2025 - Challenges

The last Synacktiv summer challenge was in 2019, and after 6 years, it's back. Send us your solution before the end of August, there are skills to learn and prizes to win! This challenge is inspired by code golfing, where the goal is to produce the smallest program implementing a feature. But this time, it will be about creating the **smallest** **self-replicating Podman image archive...**

## **🏆 Prizes**

Here are the prizes for the top three participants:

1. first place: a very nice Keychron Q1 Max mechanical keyboard, UK-ISO layout and a good Keychron cable,
2. second place: a Raspberry starter kit with 16GB of RAM: enough to run all the containers you might like to use,
3. third place: a beautiful Rootme bag to carry your laptop.

## **📜 The ultimate test script**

To be validated, your archive must be an image capable of generating another image, which in turn will generate another one, and so on! You can see it as a self-replicating program or Quine, but in an OCI-flavored version!

You have to create an archive named _ocinception\_\<nickname\>.tar_ which passes without error through the following test script:

```
#!/bin/bash
set -e

# Check args
if [ "$#" -ne 2 ]; then
    echo "Usage: $0 <nickname> <loop_count>"
    echo "Give the nickname matching your archive name, and the number of test iterations."
    exit 1
fi

# Check if nickname is not an empty string
if [ -z "$1" ]; then
    echo "Error: nickname arg must not be an empty string."
    exit 1
fi

# Check if loop_count is > 0
if [ "$2" -le 0 ]; then
    echo "Error: loop_count arg must be greater than 0."
    exit 1
fi

INPUT_ARCHIVE_NAME="ocinception_$1.tar"
IMAGE_NAME=ocinception_$1
FINAL_ARCHIVE_NAME="final_${INPUT_ARCHIVE_NAME}"
LOOP_COUNT=$2
MAX_RUN_TIME=8
PODMAN_RUN_OPTIONS=(--network=none --rm --rmi)

#### This command will be run before each test,
#### but it is commented to prevent you from accidentally resetting your entire Podman system
# podman system reset --force

# Load and tag initial podman image
podman load --quiet --input "$INPUT_ARCHIVE_NAME"
current_random_tag=$(head -c 32 /dev/urandom | sha256sum | awk '{print $1}')
podman tag "$IMAGE_NAME:latest" "$IMAGE_NAME:$current_random_tag"

# Podmanception loop
for ((i = 0; i < LOOP_COUNT; i++)); do
    previous_random_tag=$current_random_tag
    current_random_tag=$(head -c 32 /dev/urandom | sha256sum | awk '{print $1}')
    timeout "$MAX_RUN_TIME" podman run "${PODMAN_RUN_OPTIONS[@]}" "$IMAGE_NAME:$previous_random_tag" "$current_random_tag" > "$FINAL_ARCHIVE_NAME"
    podman load --quiet --input "$FINAL_ARCHIVE_NAME" | grep --color "$current_random_tag"
done

podman rmi "$IMAGE_NAME:$current_random_tag" > /dev/null

# Print your score
stat --printf="🦭 Well done little seal! Your score: %s 🦭\n" "$FINAL_ARCHIVE_NAME"
```

## **📤 Submission instructions**

To submit a solution, send the archive to **summer-challenge@synacktiv.com**.

1. The challenge will be running during August, and the writeup will be published in September.
2. Feel free to send your solutions as you progress; you can send as many as you want.
3. Once a solution is received and validated, the general ranking will be updated, but the scores will not be disclosed.
4. If you have any doubts about the validity of a solution or a question about the rules, don't hesitate to ask.

## **📋 Rules in detail**

1. The winner will be the one with the smallest score **calculated and displayed** by this test script.
2. The test script is fixed; you should **optimize** your solution to achieve the best score!
3. The tests can be run with any _loop\_count_ value (> 0).
4. If a score varies between executions, an average score will be calculated.
5. The script will be executed on a Debian 12 VM **without internet access**.
6. On this VM, podman version 4.3.1 with an overlay storage driver is installed, along with all the compression tools you might need: tar, gzip, bzip2, etc.

## **🥷🏼 Bonus**

Internally, we have already developed a highly optimized solution. Will you be able to beat Synacktiv as well as the other participants? To avoid giving you the result of this solution, which would be a good hint, here is the hash of a text file that reveals our score:

_c795ecf7692319832a62567ebdca26f4a7128197185bb019a1a139ad3b37ca58_

The file will be published in this challenge writeup.

> Solutions will be accepted until August 31st at 11:59 PM, are you ready to dive into the darkest secrets of OCI archives?

Good luck to all participants!

The Synacktiv Team
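
An offline pre-flight for one iteration of the test script's loop, added here as an example (it is not part of the challenge or Synacktiv's code): it reads the image references recorded in an archive and reports the byte size that `stat` prints as the score. It assumes podman names a loaded image from `RepoTags` in a docker-archive `manifest.json` or from the `org.opencontainers.image.ref.name` annotation in an oci-archive `index.json`; `recorded_refs`, `preflight` and `make_sample` are hypothetical names, and the sample archive is constructed.

```python
import io
import json
import tarfile

OCI_REF = "org.opencontainers.image.ref.name"  # OCI annotation holding the reference

def recorded_refs(archive: bytes) -> list:
    """Image references stored in the archive metadata (assumed to drive `podman load` naming)."""
    refs = []
    with tarfile.open(fileobj=io.BytesIO(archive)) as tar:
        files = {m.name.removeprefix("./"): m for m in tar.getmembers() if m.isfile()}
        if "manifest.json" in files:  # docker-archive layout
            for entry in json.load(tar.extractfile(files["manifest.json"])):
                refs += entry.get("RepoTags") or []
        if "index.json" in files:  # oci-archive layout
            index = json.load(tar.extractfile(files["index.json"]))
            for desc in index.get("manifests", []):
                ref = (desc.get("annotations") or {}).get(OCI_REF)
                if ref:
                    refs.append(ref)
    return refs

def preflight(archive: bytes, image_name: str, tag: str) -> dict:
    """Approximate one loop iteration offline: is the new tag recorded, and what is the score?"""
    wanted = f"{image_name}:{tag}"
    refs = recorded_refs(archive)
    return {
        "score": len(archive),  # stat's %s is the file size in bytes
        "refs": refs,
        "tag_ok": any(r == wanted or r.endswith("/" + wanted) for r in refs),
    }

def make_sample(ref: str) -> bytes:
    """Constructed docker-archive skeleton: metadata only, not a loadable image."""
    body = json.dumps([{"Config": "config.json", "RepoTags": [ref], "Layers": []}]).encode()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("manifest.json")
        info.size = len(body)
        tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()

if __name__ == "__main__":
    fresh, stale = "ab" * 32, "cd" * 32  # constructed 64-hex tags, same shape as the script's
    sample = make_sample(f"localhost/ocinception_demo:{fresh}")
    print(preflight(sample, "ocinception_demo", fresh))
    print(preflight(sample, "ocinception_demo", stale)["tag_ok"])
```

A `tag_ok` of false on an archive produced for a fresh tag points to a reference that was baked in at build time rather than derived from the container's argument.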
