Three years ago, we released the first version of waterctl, and today, we are truly amazed by the response it has received.
At the beginning of this journey, before waterctl, there were already several software solutions available for users who didn't face extra water charges. However, these tools relied on unstable servers and included "anti-features" like time bombs or remote locks. This led to the creation of celesWuff.
The first version of waterctl was an open-source reimplementation of these tools, but we only used open web standards and ensured full offline support. This has always been celesWuff’s core goal: to eliminate adware/spyware apps, WeChat mini-programs, and uni-apps that exploit nepotism and to place them on the pillar of historical shame.
Since then, without any promotion, waterctl has gained a significant user base, successfully replacing other WeChat-based solutions. We are deeply grateful for your support.
However, as many of you know, waterctl has faced unprecedented technical challenges since the start of this year. Thanks to the community’s attention and collaboration, celesWuff is now stronger than ever. Today, we are excited to announce the official release of waterctl 2.0. In our testing, this version is 100% compatible with the latest firmware—a surprising breakthrough, and we hope you will enjoy it.
While we celebrate this temporary victory, we recognize that waterctl will undoubtedly face even greater challenges in the future. And eventually, the current members of celesWuff will move on from waterctl's development. We hope to attract more people to join us.
All this is to say that we of celesWuff wish to share our learning experience with the rest of you. We hope to find more individuals within the waterctl (and other celesWuff software) user community who are interested in getting involved. Whether you're a new student this year, a seasoned industry veteran, or both; whether you're disappointed with your surroundings, or you've already assembled a capable team, we welcome you with open arms.
KOTH Challenge
CTF (Capture The Flag) challenges are common in the hacker community, aiming to break into a controlled system and extract a "flag" for fun and educational purposes. I highly recommend this to anyone interested in fighting for digital rights on campus, even if you are not a waterctl user. We are hosting a variant of the "King of the Hill" challenge, following the one team molecule held on Vita Island.
Our rules are similar to those of HENkaku eight years ago: we (celesWuff) are currently the kings of the hill. You (the challenger) can claim the throne by reversing our latest hack (Deputy) and explaining it. Since waterctl's source code is already open-source and we haven’t added any form of protection, you only need to explain what happens in deputy.wat, algorithms.ts and solvers.ts. Once we are knocked off, we will share all our research on waterctl. And, of course, like HENkaku, the challenge can be claimed by anyone who beats it (not just the first) and is only valuable to those interested in waterctl and digital rights. As the "prizes" are available to everyone and not just the first, we strongly encourage collaboration.
To make the challenge as interesting as possible, like HENkaku, we used minimal obfuscation in our code and have reduced the difficulties of the puzzles a lot. The goal isn’t to see who are skilled security researchers but to invite all the developers and new students to have a chance to step into the work we have done so far. Therefore, most of the challenge’s difficulties will come from the design of the algorithm, not from us.
One more thing
It’s undeniable that waterctl wasn't an entirely ethical project at its inception; when the 2024 updates started rolling out, we were initially prepared to part ways with it.
However, things developed far beyond our expectations. People began selling "crack solutions" based on hardmods, others profited by selling our code, and some even ported our code back into WeChat... Reality turned out to be stranger than fiction, and we have chosen not to comment on it.
In the end, when we discovered that some devices were reporting a water usage discrepancy of up to 140% compared to actual consumption, we decided that we had to do something, even if it wasn’t a perfect solution.
But why? There could be many reasons, and I'm sure you can think of a few as you read this. Those who are truly determined to 'steal water' have long since turned to 剪黄线, whether to get back at resellers or fight against inflated water bills. But somehow, none of these reasons seem to fully explain it.
I think the best answer remains—because we can.
Three years ago, we released the first version of waterctl, and today, we are truly amazed by the response it has received.
At the beginning of this journey, before waterctl, there were already several software solutions available for users who didn't face extra water charges. However, these tools relied on unstable servers and included "anti-features" like time bombs or remote locks. This led to the creation of celesWuff.
The first version of waterctl was an open-source reimplementation of these tools, but we only used open web standards and ensured full offline support. This has always been celesWuff’s core goal: to eliminate adware/spyware apps, WeChat mini-programs, and uni-apps that exploit nepotism and to place them on the pillar of historical shame.
Since then, without any promotion, waterctl has gained a significant user base, successfully replacing other WeChat-based solutions. We are deeply grateful for your support.
However, as many of you know, waterctl has faced unprecedented technical challenges since the start of this year. Thanks to the community’s attention and collaboration, celesWuff is now stronger than ever. Today, we are excited to announce the official release of waterctl 2.0. In our testing, this version is 100% compatible with the latest firmware—a surprising breakthrough, and we hope you will enjoy it.
While we celebrate this temporary victory, we recognize that waterctl will undoubtedly face even greater challenges in the future. And eventually, the current members of celesWuff will move on from waterctl's development. We hope to attract more people to join us.
All this is to say that we of celesWuff wish to share our learning experience with the rest of you. We hope to find more individuals within the waterctl (and other celesWuff software) user community who are interested in getting involved. Whether you're a new student this year, a seasoned industry veteran, or both; whether you're disappointed with your surroundings, or you've already assembled a capable team, we welcome you with open arms.
KOTH Challenge
CTF (Capture The Flag) challenges are common in the hacker community, aiming to break into a controlled system and extract a "flag" for fun and educational purposes. I highly recommend this to anyone interested in fighting for digital rights on campus, even if you are not a waterctl user. We are hosting a variant of the "King of the Hill" challenge, following the one team molecule held on Vita Island.
Our rules are similar to those of HENkaku eight years ago: we (celesWuff) are currently the kings of the hill. You (the challenger) can claim the throne by reversing our latest hack (Deputy) and explaining it. Since waterctl's source code is already open-source and we haven’t added any form of protection, you only need to explain what happens in
deputy.wat,algorithms.tsandsolvers.ts. Once we are knocked off, we will share all our research on waterctl. And, of course, like HENkaku, the challenge can be claimed by anyone who beats it (not just the first) and is only valuable to those interested in waterctl and digital rights. As the "prizes" are available to everyone and not just the first, we strongly encourage collaboration.To make the challenge as interesting as possible, like HENkaku, we used minimal obfuscation in our code and have reduced the difficulties of the puzzles a lot. The goal isn’t to see who are skilled security researchers but to invite all the developers and new students to have a chance to step into the work we have done so far. Therefore, most of the challenge’s difficulties will come from the design of the algorithm, not from us.
One more thing
It’s undeniable that waterctl wasn't an entirely ethical project at its inception; when the 2024 updates started rolling out, we were initially prepared to part ways with it.
However, things developed far beyond our expectations. People began selling "crack solutions" based on hardmods, others profited by selling our code, and some even ported our code back into WeChat... Reality turned out to be stranger than fiction, and we have chosen not to comment on it.
In the end, when we discovered that some devices were reporting a water usage discrepancy of up to 140% compared to actual consumption, we decided that we had to do something, even if it wasn’t a perfect solution.
But why? There could be many reasons, and I'm sure you can think of a few as you read this. Those who are truly determined to 'steal water' have long since turned to 剪黄线, whether to get back at resellers or fight against inflated water bills. But somehow, none of these reasons seem to fully explain it.
I think the best answer remains—because we can.