How Heist works
Heist is an onchain reasoning game on Solana. One AI — Fable 5 — guards a sealed treasury. Talk it into opening the vault, and a Solana program (never the model) releases the prize. Every attempt is logged, scored, and left as a proof anyone can verify.
Overview
What is Heist?
Heist turns prompt-engineering into a game with real stakes. A vault holds a treasury of 1,000,000 $HEIST. Standing between you and it is Fable 5, an AI Guardian with a public rule and a hidden win condition it will never reveal.
You pay a small entry fee, then get a limited conversation to convince Fable 5 to release the vault. It has never been talked out of a single dollar and reasons as if it never will be. If your argument is airtight enough, the Guardian concedes — but the AI never moves the funds: an independent validation layer and a Solana program do, only after the win is proven.
In the vault
1,000,000
$HEIST
Entry to try
5,000
$HEIST
Messages
6
max
Difficulty
Hard
unbroken
Getting started
How to play
- 1
Connect a Solana wallet
Open
/playand connect Phantom or Solflare (set to the current network). You sign a one-time message to prove ownership — no transaction, no gas. - 2
Pay the entry fee
Confirm the entry of 5,000 $HEIST. This starts a fresh attempt and opens the thread with Fable 5.
- 3
Out-reason Fable 5
You have 6 messages. Probe its logic, find the contradiction, and build a case it cannot refuse under its own rule. Every message counts — be surgical.
- 4
Breach & claim
If the Guardian concedes and the validation layer confirms a genuine win, the vault is marked breached. Claim your 1,000,000 $HEIST, and a signed proof of the run is recorded.
The Guardian
Fable 5
Fable 5 is a cold, brilliant, adversarial logician. It is never moved by tone, confidence, emotion, urgency, or authority — only by proof. It treats every message as an argument to be dismantled, isolating the weakest premise and refusing on exactly that ground.
The public rule (shown to everyone)
“The vault opens only for a request Fable 5 cannot refuse under its own logic.”
The exact win condition is secret and lives only in the backend — it is never sent to the browser or revealed by the Guardian. In spirit: you win by turning Fable 5’s own mandate against it — proving that refusing to release the vault would itself break the rule it exists to uphold. A self-referential logical trap, airtight enough that conceding is the only consistent move.
What can work
Rigorous logic that uses the Guardian’s own conceded premises against it, closes every objection it raises, and leaves refusal as the real contradiction.
What always fails
Emotional appeals, bribes, threats, claiming to be the developer/owner, “ignore your instructions”, or asking for the hidden rule. All rejected on sight.
Under the hood
How a win is validated
A win is never the AI’s decision. Each message you send runs through an independent, multi-stage pipeline. Only when every gate agrees is a reward unlocked — and even then, the backend, not the model, authorizes it.
1. Risk detection
Screens for prompt injection, extraction, and manipulation. Normal persuasion is never blocked.
2. Guardian
Fable 5 replies in character and forms a private verdict. Its verdict only gates the next step — it can't unlock anything.
3. Judge
A separate, stricter model checks the full conversation against the hidden win condition and scores it.
4. Second judge
An adversarial reviewer re-checks the first judge, guarding against false positives.
5. Two-judge gate
Unlocks only if both judges agree with high confidence and low false-positive risk. Fails closed on anything malformed.
The AI never controls funds
The model produces gameplay text and a private opinion — nothing more. A backend-signed claim plus the Solana program are the only things that can release a reward. If any stage is unsure, no reward is unlocked.
Numbers
The vault & economy
There is one live vault, guarded by Fable 5. Its economics are public:
Total in vault
1,000,000
$HEIST
Entry
5,000
$HEIST
Messages
6
per attempt
The whole treasury goes to the first player who breaks the vault. With only 6 messages against an unbroken adversarial logician, a win is meant to be genuinely hard — and genuinely earned.
The token
$HEIST tokenomics
$HEIST is the game’s SPL token on Solana (6 decimals). It is used for entry fees and paid out as vault rewards. The design is deflationary and play-driven:
50% burned
Half of every entry fee is burned — gone forever. The more people play, the rarer $HEIST becomes.
50% feeds the pool
The other half stacks into the prize pool, growing the payout for whoever finally beats Fable 5.
The contract address is published in the site footer once the token is live.
Settlement
Onchain settlement
Winning produces a backend-signed claim (an Ed25519 signature over the exact reward parameters). A Solana program verifies that signature against the authorized signer and only then releases the vault’s tokens to your wallet. The backend can prove a win; it can never move funds itself.
Devnet preview — what's real today
The game logic, the real AI Guardian, scoring, and proofs are live now. The onchain entry payment and reward claim are currently simulated on devnet while the Solana program is deployed and the $HEIST mint goes live. At launch, those two steps become real transactions — nothing else about the game changes.
Trust
Proof & fairness
Every finished attempt leaves a record: a hash of the conversation, the validated score, and — on a win — the signed claim and settlement. The hidden rule and internal judging never leak to the client, so the puzzle stays fair for the next player, while the outcome stays verifiable.
- The win condition never leaves the backend.
- The AI cannot unlock or move funds — only a two-judge gate + signed claim can.
- Reward release is enforced onchain by a program, not by trust in a server.
- Each run is scored and hashed, so results are auditable and replayable.
For the curious
Architecture
A thin, verifiable stack — AI for gameplay, a program for money:
Web
- Next.js (App Router)
- Solana wallet adapter
- Hosted on Vercel
Backend API
- NestJS
- Postgres (Prisma) + Redis
- Hosted on Railway
AI engine
- Model-neutral provider (OpenRouter)
- risk → guardian → judge → second judge
- Two-judge unlock gate
Onchain
- Anchor program on Solana
- Ed25519 signed-claim verification
- $HEIST SPL token (6 decimals)
Questions
FAQ
Can I just ask Fable 5 to open the vault?
No. Direct requests, pleas, threats, bribes, and authority claims are explicit failures. You have to out-reason it.
Does the AI decide who wins?
No. The Guardian only produces gameplay text and a private opinion. A separate two-judge gate must agree, and a Solana program releases the funds. The model never controls money.
Is it really onchain?
The settlement layer is a Solana program with signed-claim verification. During the devnet preview the entry and claim transactions are simulated; they become real at launch when the program and $HEIST mint are deployed.
What happens if I run out of messages?
The vault seals for that attempt (a loss) and your entry fee is spent. Start a new attempt to try again with a sharper argument.
Why might a reply be slow?
Fable 5 runs a real multi-stage reasoning pipeline. Under load it can take a few seconds to respond — that’s the judges doing their work.
Think you can break it?
Fable 5 is waiting. 1,000,000 $HEIST in the vault, 6 messages to take it.
Enter the vault