OldGuard

Homepage
In-action
Flagging
Flagged - prompt

Inspiration

We live in a time where things on the internet do not last long and people do not trust each other for a long time. I wanted to create something that will stay forever. The idea of "Old Money" inspired me. This is not just about the money you have in your account but also, about the reputation of the person who has that money.

What is modern Fintech really based on? It is often built on a lot of things. Frameworks on top of libraries, on top of other libraries. I asked myself: Do we really understand what the basic value of Fintech is?

To answer this, I picked a challenge that celebrates pure engineering: 'No libraries, no shortcuts - just your logic, your code, your imagination'. As was put across, I decided to build a decentralised reputation system by not importing hashlib or flask, but by forging every component - from the bitwise cryptography to the TCP network packets - entirely from scratch

What it does

OldGuard is a decentralized ledger that tracks not just financial transactions, but Reputation Scores.

Immutable History: Every transaction is cryptographically linked to the previous one using my custom-built blockchain engine.
Reputation Logic: The protocol enforces "Honor." If a user attempts to defraud the network (e.g., sending negative amounts), the consensus rules automatically degrade their trust score.
Blacklist Protocol: Once a user's reputation crosses the BAN_THRESHOLD (e.g., -1), they are rejected by the network at the protocol level.

How I built it

So I wanted to know how the forefathers of cryptography built it. The people who constructed it had to figure out a lot of things, they had to work on it for a long time just to get it right. What they created is really cool, I’m still trying to learn more about how they made it, it’s an interesting story. This was not easy to build as I coded every line.

The Engine (Custom Cryptography) I created the SHA-256 algorithm from scratch, what this does is it generates new words from scratch and are combined, the sigma functions ensure nonlinearity, avalanche effect, and diffusion, which are critical for cryptographic strength, this had to be written in Python code.

The logic relies entirely on this function, which simulates 32-bit hardware behavior:

Helper function.

def right_rotate(value, amount):
    return ((value >> amount) | (value << (32 - amount))) & 0xFFFFFFFF

Data is prepared before compression.

Little Sigma 0 (σ0) - message scheduler.

s0 = right_rotate(w[j - 15], 7) ^ right_rotate(w[j - 15], 18) ^ (w[j - 15] >> 3)

Little Sigma 1 (σ1)

s1 = right_rotate(w[j - 2], 17) ^ right_rotate(w[j - 2], 19) ^ (w[j - 2] >> 10)

Big sigma (compression loop)

Big Sigma 1 (Σ1) - Applied to variable 'e'

S1 = right_rotate(e, 6) ^ right_rotate(e, 11) ^ right_rotate(e, 25)

Big Sigma 0 (Σ0) - Applied to variable 'a'

S0 = right_rotate(a, 2) ^ right_rotate(a, 13) ^ right_rotate(a, 22)

This engine is what makes my Proof-of-Work mining algorithm work. The Proof-of-Work mining algorithm needs to find a number, called a nonce so that the block hash is good enough. The block hash has to meet a standard, which is not always the same and that is what we call a dynamic difficulty target for the Proof-of-Work mining algorithm.

The Network (Raw Sockets) I bypassed standard web servers (http.server or Flask) and went straight to the metal using Python's socket library. I operated at OSI Layer 4 (Transport). My server listens on a raw TCP port, intercepts byte streams, and manually parses HTTP headers (splitting strings by \r\n). I manipulated raw TCP byte streams to construct HTTP responses manually, ensuring I understood every byte leaving the machine.
The Interface (Vanilla Stack) The frontend is a dashboard built with: Zero Frameworks: No React, No Vue. Just pure DOM manipulation. I used the Fetch API to get information from my socket server. This helped me show what is happening with the mining process and the chain as it gets bigger in time. I did this with something called Asynchronous IO. The Asynchronous IO is important because it lets me get the information from my socket server without having to wait. This makes the visualization of the mining process and the growing chain really fast and up, to date.

Challenges I ran into

The "Bitwise" Nightmare: Debugging my custom SHA-256 implementation was grueling. A single bit-shift error in the right_rotate function caused the entire hash to cascade into garbage. I had to compare my output against standard implementations step-by-step to fix it.

HTTP is Picky: Writing a raw server meant I had to handle browser idiosyncrasies perfectly. If I missed a single Content-Length header or a \r\n newline, the browser would hang indefinitely.

The "Freeze": Initially, mining a block would freeze the server. I learned the importance of non-blocking I/O and efficient loop management to keep the node responsive.

Accomplishments that I'm proud of

I built a Blockchain in pure Python. No dependencies. Just logic.

I built a Web Server from scratch. I now understand exactly how a browser talks to the backend.

The "Blacklist" Logic: Seeing the system automatically detect "fraud" and ban a user without human intervention was a massive win for my "Autonomous Trust" goal

What I learned

I figured out that things like Abstractions are nice to have but we don't really need them. When I looked closely at Flask and Hashlib I started to appreciate the basic protocols like TCP/IP and SHA-256 that make everything work. I learned that real security does not come from using a library it comes from understanding the math behind things like TCP/IP and SHA-256. That is what makes the modern world secure. I firmly believe that understanding the basics of things like TCP/IP and SHA-256 is really important, for security.

What's next for OldGuard

I have a P2P Gossip Protocol, now I am using one node. The next thing I need to do is use my socket engine so multiple OldGuard instances can talk to each other. This way OldGuard instances will be able to share information, with each other using the P2P Gossip Protocol. Also, smart contracts: Implementing a simple stack-based scripting language (like Bitcoin Script) to allow for conditional payments.

Built With

bitwise-cyptography
css3
html5
javascript
json-serialization
python

Submitted to

Build From Scratch - Season I

Created by

I served as the Lead Architect and Core Developer for OldGuard. My primary contribution was designing and implementing a zero-dependency blockchain node entirely in Python. I engineered the cryptographic engine from scratch, manually coding the SHA-256 Sigma compression functions and simulating 32-bit hardware registers to ensure compliance with NIST standards. Additionally, I built a custom HTTP server operating at the TCP transport layer to handle network traffic without external web frameworks, and designed the 'Reputation Consensus' protocol to autonomously detect and ban malicious nodes.

Mafty-Jordan Makanyanga

Updates

Mafty-Jordan Makanyanga started this project — Dec 24, 2025 06:30 PM EST

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.