LAUNCH
00h 00m 00s

(CA will be published at moment of launch)

Strategy.
Wagered.
On-Chain.

Cryptan is a multiplayer Settlers-style board game where every match can be wagered using $SOL or $CRYPTAN tokens — settled entirely on-chain via Anchor smart contracts (now open-source at our github). No house, no trust required.

2
Wager Currencies
4
Play Modes
23h
Auto-Refund SLA
How it works
From wallet connect to winning

Four simple steps between you and the board.

01

Connect Phantom

Sign in with your Phantom wallet or create a username/password account with email verification. Your wallet address is linked to your profile.

02

Choose Your Stakes

Pick free play, a SOL wager, a $CRYPTAN token wager, or enter a prize tournament. Entry fees are locked into a Solana Anchor smart contract escrow.

03

Play & Strategize

Trade resources, place roads, build settlements and cities, play dev cards, and use the robber to dominate the board in real-time multiplayer.

04

Collect On-Chain

The winner's prize is transferred directly on-chain. If a match never completes, the escrow monitor auto-refunds everyone within 23 hours.

Game Features
Everything the board demands

A full-featured Settlers-style engine with competitive and social layers on top.

🎲

Full Catan Rule Set

Dice rolls, resource production, longest road, largest army, dev card deck, robber mechanics — including the optional friendly-robber rule.

🤝

Live Trading System

Propose trades to any player with real-time accept/reject. Port and bank trading with calculated ratios per player. Bots evaluate your proposals intelligently.

🃏

Development Cards

Knight, Year of Plenty, Monopoly, Road Building, and Victory Point cards — all managed in a shuffled deck with per-turn usage restrictions.

🤖

AI Bot Players

Fill empty seats with strategic bots that evaluate board yield, respond to trade offers, play dev cards opportunistically, and manage the robber tactically. Friendly-mode

👥

Social System

Friends list, friend requests, real-time direct messages, player profiles with avatars and custom cover banners, karma scoring, and global chat.

Karma & Reputation

Each player's conduct is tracked via a 0–100 karma score. Ratings from Legendary 🌟 down to Bad 💀 are visible to all — incentivising fair play.

🔊

Real-time Audio

Procedurally generated sound effects via Web Audio API — dice rolls, building placement, trade alerts, and game events all have distinct audio cues.

📱

Mobile-Ready

Responsive layout tested across desktop and mobile. Phantom wallet mobile deep links supported for wagered games on the go.

🗺️

Procedural Board

Every game spawns a freshly randomised hexagonal board with fair resource distribution, unique harbour positions, and variable number token placement.

Tokenomics
$CRYPTAN Token

A native SPL token on Solana used across the platform for wagering, tournaments, and future governance.

SPL Token · Solana

$CRYPTAN

Issued on Solana via pump.fun. Used for in-game wagering and tournament prize pools. Entry fees are locked into a PDA-owned SPL token vault — the same trustless Anchor escrow model as SOL wagers. The server only signs finalize/cancel instructions; it cannot move vault funds unilaterally. Players hold a 24-hour emergency refund escape hatch callable directly from Phantom.

Network Solana (mainnet-beta)
Standard SPL Token
Decimals Configurable (default 6)
Escrow Type PDA-owned SPL vault · trustless
Payout On-chain · no withdrawals needed
SOL Escrow Anchor Program (trustless)
Play Modes
🎮
Free Play
No financial stakes — just the game. Karma, win/loss stats, and leaderboard ranking are still tracked. Perfect for practice, friends, or casual sessions.
No cost
SOL Wager
Entry fee is locked into an Anchor smart contract PDA vault — the server cannot touch it. Winner receives 90% on-chain via finalize. If the game stalls, the escrow monitor auto-refunds within 23 hours. After 24 hours, players can self-refund directly from the vault with no server involvement.
$SOL · Anchor PDA vault · 10% fee
🪙
CRYPTAN Token Wager
Identical trustless guarantee as SOL wagers. $CRYPTAN entry fees are locked into a PDA-owned SPL token vault — not a server wallet. Payout calls tokenFinalize on-chain; the contract deducts the 5% house fee and transfers the rest directly to the winner's ATA. Full emergency escape hatch: after 24 hours players can call tokenEmergencyRefund from Phantom with zero server involvement.
$CRYPTAN · Anchor PDA vault · 5% fee
🏆
Tournament
Single-elimination brackets up to 32 players with an optional 3rd-place match. Entry fees pool into a prize fund distributed automatically to the winner on completion. Supports both SOL and $CRYPTAN prize pools.
SOL or CRYPTAN · Prize pool
Security Architecture
Defence at every layer

Cryptan is built with security-first engineering — from the HTTP headers down to integer-precision lamport arithmetic. The escrow smart contract is fully open source so anyone can verify the guarantees themselves.

🔐

Authentication

  • Custom JWT (HS256) with 7-day expiry; fatal startup if JWT_SECRET missing
  • bcrypt password hashing at cost factor 12
  • Email OTP verification (6-digit, persisted in Postgres with TTL)
  • OTP rows swept every 15 minutes to prevent enumeration
  • Password recovery via separate OTP flow with hash pre-storage
🛡️

HTTP Security Headers

  • Strict Content Security Policy — no unsafe-inline on script-src; inline scripts SHA-256 hashed
  • HSTS max-age 1 year with subdomains + preload (production only)
  • X-Frame-Options via frame-ancestors: none
  • Referrer-Policy: strict-origin-when-cross-origin
  • object-src none — blocks Flash, ActiveX, plugins
  • CORS origin locked to ALLOWED_ORIGIN env variable
⛓️

On-Chain Safety

  • Anchor smart contracts for both SOL and $CRYPTAN — server cannot unilaterally drain either vault
  • SOL vault: PDA-owned lamport account; token vault: PDA-owned SPL token account
  • House fee fixed at initialization on-chain — 10% SOL, 5% CRYPTAN, enforced by the contract
  • Emergency refund timelocks on both tracks: players self-refund after 24h with no server required
  • On-chain player order fetched before every cancel/finalize — recipient verification always passes
  • used_signatures table with UNIQUE index prevents replay and double-spend on all tracks
  • Math.round integer arithmetic — no IEEE-754 float rounding on lamports or token base units
🚦

Rate Limiting

  • Token-bucket per event type: login (5 cap), register (3 cap), action (20 cap)
  • Auth events keyed by IP — prevents socket-cycling attacks
  • Authenticated events keyed by username — survives reconnects
  • Stale bucket sweep every 15 minutes to cap memory growth
  • Separate limits for chat, DMs, friend actions, OTP resend
🔒

Escrow Monitor Pending Deployment

  • Background loop scans every 5 minutes for stale wager rooms
  • Auto-cancels and refunds after 23 hours of inactivity — before the 24h player escape hatch opens
  • Partial lobby refunds use direct transfer — vault stays alive for remaining players
  • Postgres advisory lock + in-memory Set prevent concurrent double-refund across processes
  • DB-persisted room state survives server restarts
🗄️

Data Integrity

  • PostgreSQL with idempotent schema migrations on startup
  • Express body size cap at 2 MB
  • User cache with 30-min TTL eviction; connected users never evicted
  • IP connection log with 90-day pruning to prevent unbounded growth
  • Wager room state persisted in JSONB for crash recovery
⛓️
Escrow Contract — Fully Open Source

The Anchor smart contract that holds every wager is published on GitHub. Read the Rust source, verify the fee math, confirm the emergency refund timelock, and check the deployed program ID on Solana Explorer yourself — no trust required.

✓ MIT licensed ✓ Program ID verifiable on-chain ✓ No trust required
View on GitHub
Detailed Security Architecture
Tournaments
Competitive brackets with real prizes

Single-elimination tournaments up to 32 players with automatic bracket generation, live match tracking, and on-chain prize distribution.

📋
Bracket Engine
Auto-generated single-elimination brackets. Optional 3rd-place match. Each round spawns dedicated wager rooms for matched players.
💰
Prize Pools
Entry fees accumulate into the prize pool. Winner payout via on-chain transfer — the prize_distributed flag ensures no double-payment even under concurrent load.
📡
Live Updates
Real-time bracket updates via Socket.IO. Players see match results, round progression, and their next opponent the moment a game ends.
🎖️
Stats & History
All matches, rounds, results, and player positions recorded in Postgres. Full tournament history browsable in-game.
Live Bracket Preview
QF
⚔ Alpha
◦ Bravo
⚔ Charlie
◦ Delta
◦ Echo
⚔ Foxtrot
⚔ Golf
◦ Hotel
SF
⚔ Alpha
◦ Charlie
● Foxtrot
◦ Golf
FINAL
👑 Alpha
● Foxtrot
Prize Pool 8× entry fee

The Goal

Be the first to reach 10 Victory Points (VPs). You earn points by building Settlements (1 VP), upgrading to Cities (2 VPs), securing Longest Road/Largest Army (2 VPs each), and drawing hidden VP Development Cards.

The Turn Phase

Every turn consists of three distinct actions:

  • 1. Roll: The dice sum dictates which hexes produce resources. Anyone with a building adjacent to that number receives the corresponding resource.
  • 2. Trade: Negotiate with other players for missing resources, or trade directly with the Bank/Ports.
  • 3. Build: Spend resources to expand your roads, construct settlements, upgrade to cities, or buy Development Cards.

The Robber (Rolling a 7)

If a 7 is rolled, no resources are produced. Instead:

  • Players holding more than 7 cards must discard half their hand.
  • The player who rolled moves the Robber to block a hex from producing resources.
  • They steal one random card from an opponent adjacent to that hex.
Detailed Tutorial
Karma System
Reputation that follows you

A 0–100 karma score tracks player conduct across all games and is visible to everyone before accepting a match.

🌟
Legendary
90 – 100
Good
75 – 89
😐
Neutral
50 – 74
⚠️
Poor
25 – 49
💀
Bad
0 – 24
Technology
Production-grade stack
Solana + Anchor
Smart contract escrow, SPL token transfers, trustless prize payouts
Node.js + Socket.IO
Real-time game engine, persistent rooms, event-driven multiplayer
PostgreSQL
Game state, user accounts, tournaments, escrow audit log
Helmet.js + bcrypt
CSP, HSTS, JWT auth, password hashing, OTP verification
Roadmap
The Path to Dominance
Phase 1 — Foundation · Completed
Core Engine & Web3 Rails
Full Catan-style ruleset (Base Island & Oceans expansion) SOL Smart-Contract Escrow (Anchor/PDA trustless vault) Social Layer: Karma system, Friends, DMs, and Profiles Advanced AI Bots with pluggable decision-making logic
Phase 2 — Token Infrastructure · Completed
$CRYPTAN Trustless SPL Escrow
Native $CRYPTAN token wager rooms — full Anchor PDA vault, no server custody PDA-owned SPL token accounts (server cannot drain; only program logic moves funds) 5% house fee enforced on-chain by tokenFinalize — server cannot over-charge On-chain 24h emergency refund escape hatch callable directly from Phantom Partial refund path for lobby departures preserves vault for remaining players On-chain player order verification for all cancel/finalize instructions
Phase 3 — Competitive · In Progress
Tournaments & Trust
Official Tournament System (32/64 player symmetrical brackets) Escrow smart contract open-sourced on GitHub — community-verifiable security Gameplay Promotion Video & Highlight Reels in production Marketing push across X, TikTok, and Discord Prize pool distribution logic for $CRYPTAN events
Phase 4 — Expansion · Upcoming
$CRYPTAN Launch & Ecosystem
Public Token Launch via pump.fun (2 SOL Initial Backing, Fair Launch) 100% Supply Burned upon bonding curve completion (Tiny $500 Ops Wallet) $300 DexScreener Enhanced Info & $200 Strategic Marketing Push ELO Ranked Matchmaking & Seasonal Leaderboards Buyback & Burn mechanism from house fees
Phase 4 (Post-Launch) — Smart Contracts · Upcoming
Mainnet Program Deployment
Anchor escrow program deployed to Solana mainnet after $CRYPTAN public launch Fully trustless on-chain SOL & $CRYPTAN wager vaults — server cannot move funds Emergency refund instructions live on mainnet — callable directly from Phantom Same mint address, no migration — seamless upgrade from devnet to mainnet
Phase 5 — Ecosystem Integration · Upcoming
Solana Ecosystem Partnerships
Magic Eden partnership — $CRYPTAN integration & in-game cosmetic NFT listings Phantom Wallet featured game placement — visibility to all Phantom users Solana Foundation grant application — accelerate mobile & ecosystem development Guilds, Clan Wars & inter-guild on-chain prize distributions Native iOS & Android clients with full Phantom Mobile integration
View Detailed Roadmap

Ready to play?

Connect your Phantom wallet, join a lobby, and start building. Your first game is always free.

Contract Address Pending
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DexScreener