Reference Design

The eCTF 2026 reference design is provided to give teams a starting example that meets all of the Functional Requirements. This design does not implement any security, and as such does not meet any of the Security Requirements.

You can find the 2026 reference design at https://github.com/ectfmitre/2026-ectf-insecure-example/

Build Environment Implementation

During the Build Environment step, the reference design installs the dependencies required for building and interacting with the design utilizing Docker.

The HSM Image will be built inside a docker container, as described in Functional Requirements. Global Secrets will be generated by the design python file (gen_secrets.py).

By default, the HSM Image installs:

  • python3

  • make

  • git

  • wget

  • unzip

  • MSPM0 SDK

  • TI-Clang

These dependencies will act as a good starting point for your team to implement your design, but may not be sufficient on their own. Get to know the tools to add dependencies to the Docker Containers while building your design.

Tip

If you need to customize the environment and are running into problems with Docker, #tech-support on Zulip is a great place to find support

Build Deployment Implementation

The reference design does not implement any security. As such, no real Global Secret generation happens during the Build Deployment phase of the reference design.

The reference design does show how to implement Global Secret generation through the gen_secrets.py present in the design directory. Hardware Security Module (HSM).

Reference Design Utility Libraries

The Reference Design implements a set of utility libraries to help your design. They wrap around more complicated, low-level hardware and software interfaces to provide a simple interface to more complicated underlying behaviors. We highly recommend teams that are new to the eCTF start by using these high-level libraries.

Warning

These libraries are provided to provide an easy way to handle common functionality. However as with the rest of the Reference Design, they provide no security guarantees.

Host Messaging Library

Host messaging is a high-level library that handles formatting messages between the HSM and the host tools. More information on the structure of these messages is available in Host Interface.

Utilizing the host messaging library is a simple way to ensure that all messages are formatted correctly.

The Host Messaging interface and implementation can be found in inc/host_messaging.h and src/host_messaging.c in the firmware/ directory of the Reference design.

Simple UART Library

The simple UART library creates a high-level library for interfacing with the console UART peripheral present on the MSPM0L2228. This interface allows you to read and write to both the Console UART (UART0) and UART1, which allows boards to interface with each other. Two globals are defined to support this communication: CONTROL_INTERFACE (UART0) and TRANSFER_INTERFACE (UART1), and one must be passed to each simple UART function to determine on which interface to communicate.

The Simple UART interface and implementation can be found in the inc/simple_uart.h and src/simple_uart.c files in the firmware/ directory of the reference design.

Simple Flash Library

The simple flash library creates a high-level library for interfacing with the flash memory present on the TI MSP-LITO-L2228 board. This interfaces allows you to read, write, and erase flash memory.

Flash Memory does not work in the same fashion as RAM that you may be used to working with. Flash memory can only be written in one direction (e.g., 1 to 0). As such, in order to rewrite the same location in flash memory, the memory must be erased (resetting the memory to all 1s). Flash is erased in bulk units called erase blocks. For the MSPM0L2228 platform, Flash can be erased in 1KB sectors.

The Simple Flash interface and implementation can be found in inc/simple_flash.h and src/simple_flash.c in the firmware/ directory of the Reference design.

Note

Flash Memory does not work like most memory you are probably used to working with, so make sure you use the Simple Flash Library to interact with it.

Simple Crypto Library

The simple crypto interface creates a high-level library for performing cryptographic operations through WolfSSL. This interface provided a hash operation, and symmetric encryption capabilities. We highly recommend that teams new to the eCTF start by only using the Simple Crypto Library until they have a working design. You may choose to use other algorithms and make a more complicated protocol after (you may call directly into the WolfSSL library like the Simple Crypto Library does), but teams new to the eCTF frequently start with overly ambitious designs and run out of time to implement them.

Tip

A team that makes reasonable tradeoffs of security and simplicity to make it into the Attack Phase will do far better and have a much better experience than a team who gets caught up with perfection and runs out of time to finish, so start simple and work from there if you have time.