EchoLocate

Map of Netropolis
Incident alert system for each sector
Command center and agent hiring marketplace
Agent investigation panel
Dynamic evidence graph to reconstruct attack path via logs and system events

Inspiration

Investigating a cyberattack is rarely straightforward. Analysts often have to work backward through system activity across multiple machines just to understand how a breach happened.

Most tools surface alerts and logs, but the investigator still has to reconstruct the bigger picture by tracing how the attack moved through different systems.

We wanted to explore a different interface for that process, one where you can interact with the system, deploy specialists to investigate different parts of a breach, and connect the evidence yourself. That idea led us to build EchoLocate, a simulation where players investigate cyberattacks and piece together how breaches actually unfolded.

What It Does/How To Play

EchoLocate is an AI-powered digital forensics simulation set in Netropolis, a lunar cyber city where players investigate and contain cyberattacks using specialist investigator agents.

Each sector on the map represents a different infrastructure system (datacenters, communications nodes, research labs), allowing breaches to spread across the network.

Players investigate incidents through a structured response workflow:

Build an investigation team of AI agents specialized in log analysis, network tracing, artifact recovery, and timeline reconstruction
Investigate incidents across the city by deploying agents to different sectors as breaches begin to appear
Prompt agents to analyze evidence using both guided actions and open investigation prompts
Collect structured findings and add them to a live case board and evidence graph
Connect clues across systems, artifacts, and events to reconstruct how the attack unfolded
Trace the breach to its source and isolate compromised infrastructure before the incident escalates

How We Built It

Our system combines a live game interface, a parallel multi-agent backend, and a dynamic evidence graph to turn cyber investigation into a playable experience.

Frontend + map engine: We used React, TypeScript, and Phaser to build the live interface, with a tile-based city designed in Tiled and pixel assets created in Aseprite.
Multi-agent investigation system: We built EchoLocate around a Featherless-hosted Qwen model with support for up to 8 agents running in parallel, so different parts of a breach can be investigated at the same time.
Agent orchestration: Each agent uses role-specific prompt templates, routing logic, and investigation context injection so it can reason based on the current state of the case instead of acting in isolation.
Structured evidence pipeline: Agents return JSON outputs that are converted into graph nodes and relationships, which update the case board and evidence graph in real time.
Incident simulation: We built a level-based scenario system with controlled randomness, so each run keeps a similar difficulty while generating different breach paths, clues, and attack flows.
Player interaction: Players can investigate through both a voice/chat interface and map-based controls, either using quick prompts or asking their own questions via ElevenLabs.
Deployment: We deployed the project on Vercel, GoDaddy Registry for domain infrastructure, and a playable build distributed through itch.io

Key Features:

Specialist investigator agents: Build a team of AI agents with different forensic strengths, from log analysis (LOGIS) and network tracing (NEXUS) to artifact recovery (FILER) and timeline reconstruction (CHRONO).
Live investigation workflow: Agent findings return as structured evidence that updates the case board and evidence graph in real time, allowing players to connect systems, events, and artifacts to reconstruct the breach.
Radio communication system: Players can talk directly to their investigator agents through a built-in radio system powered by ElevenLabs, making investigations feel like coordinating a real response team.
Interactive cyber city map: Investigations take place across Netropolis, a tile-based lunar city where each sector represents part of the system infrastructure.
Replayable breach scenarios: Each incident is generated from level-based scenarios with controlled randomness, so runs follow a similar difficulty but produce different attack paths.
Game-driven cyber defense: EchoLocate turns digital forensics into a strategy game where success depends on deploying the right agents, following the right evidence, and isolating the breach before it spreads.

Challenges We Ran Into

Making it feel like a real game: The hardest part was not generating the agent responses. It was making the entire gameplay loop feel responsive, readable, and fun while players moved across the map, prompted agents, and waited for evidence to come back in real-time.
Handling latency in a live agent system: Since EchoLocate runs on Featherless and supports up to 8 parallel agents, responsiveness mattered a lot. We had to carefully manage how results appeared in the UI so the investigation still felt active instead of delayed or confusing.
Building game systems on a non-game stack: We were integrating sprites, map interaction, sector-based exploration, and investigation flow into a web stack that was not built like a traditional game engine. Making that feel smooth and cohesive took a lot of iteration with Phaser and Tiled.
Keeping the interface clear under complexity: EchoLocate has a lot happening at once: agents, evidence, sectors, prompts, and graph updates. A major challenge was making the UI easy to follow, tutorial-friendly, and intuitive enough that new players could understand it quickly.

What We Learned

Specialized agents outperform general ones: Giving each agent a clear forensic role (through logs, network tracing, artifacts, timelines) made investigations far more structured and effective than relying on a single AI assistant.
Visualization makes complex systems easier to reason about: Turning our agent outputs into a live evidence graph helped players understand how a breach unfolded instead of just reading through chunks of long responses.
Responsiveness is critical in agent-driven systems: When multiple agents run in parallel, we saw how important it was for the results to appear and update in the interface promptly just as much as the analysis itself.

What's Next

Red team agents: We want red-team (attacker) agents that actively simulate breaches, forcing players to defend against smarter and evolving attack paths.
Deeper cyber scenarios: We want to also expand the incidents with more complex attack chains and investigation challenges.

Built With

agentic-ai
aseprite
elevenlabs
fastapi
gemini
itch.io
openai
phaser.js
python
react
tiled
typescript
vercel

Submitted to

Bitcamp 2026

Created by

I built the game interface and interaction layer for EchoLocate. I created the pixel assets in Aseprite, designed the tile-based cyber city in Tiled, and helped implement the interactive sector system that allows players to investigate infrastructure across the map. I also designed the UI/UX and gameplay flow that connects map interaction, agent prompting, and the investigation workflow into a cohesive player experience.

Sujay Chava
Abhinav Karumudi
Akshaj Nadimpalli
Pranay Kakkar