CRACK Solution
Three Gates
CRACK multi-stage check

Prerequisites
Unlocks
NEXUS42
Techniquemulti-stage check
Rulenonzero
SampleNEXUS42
Walkthrough
Recover the accepted input below, then submit it to the CRACK verifier.
Reject Samples
- NEXUS43
- NEXUS41
- NEXUS4
- NEXUS420
- AAAAAAA
Verifier Listing
; z4_multi_stage: "Three Gates". A staged check that chains three independent
; tests; you must satisfy all of them with one input, so reverse them in order:
; Stage 1 (length): the input must be exactly 7 bytes.
; Stage 2 (sum): the byte values must add up to 505 (0x1F9).
; Stage 3 (xor): all seven bytes XOR-folded together must equal 0x53.
; Technique: multi-stage check. r0 = 1 on accept. Accept rule: nonzero.
;
; 8-BIT NOTE: the true byte sum 505 overflows a byte; the byte core keeps the
; running sum mod 256, so the sum gate is the LOW BYTE of 505 (505 & 0xFF = 0xF9).
; The technique (a length gate, then a sum gate, then an XOR gate, all immediates)
; is unchanged; only the sum's width is reduced to the 8-bit ceiling.
;
; sample "NEXUS42": N+E+X+U+S+'4'+'2' = 505 (low byte 0xF9); XOR-fold = 0x53.
; --- stage 1: length gate ------------------------------------------
len r2
cmp r2, 7
jnz bad
; --- stages 2 + 3: one pass building both the sum and the XOR -------
mov r3, 0 ; r3 = running byte sum (mod 256)
mov r4, 0 ; r4 = running XOR fold
mov r7, 0
sloop: cmp r7, 7
jge final
ldb r0, [r7]
add r3, r0 ; sum += byte
xor r4, r0 ; xor-fold ^= byte
inc r7
jmp sloop
final: cmp r3, 0xF9 ; stage 2: low byte of 505
jnz bad
cmp r4, 0x53 ; stage 3: XOR fold
jnz bad
mov r0, 1
ret
bad: mov r0, 0
ret