[ARG] The Pizza Code Mystery


Yeah, Storm posing as Code_/0418 was always very helpful, and it was fun reading his interpretations of the whiteboards. I always had a feeling that he was Storm, even back when the first clues started to come out–I remember sitting in my college’s library on the IRC channel and thinking “This guy really knows a lot about these very complex whiteboard drawings.” What’s crazy is that, at one point in that conversation, Storm actually said about the Laser Optronic Linear Inducer Cannon something along the lines of “I get it, a LOL Cannon, almost”–something to that extent. If I had been sure he was Storm back then, maybe we would have uncovered the answer quicker, but hindsight is 20/20 of course.

Anyway, I firmly believe he has been trying to help us this whole time, and steer us in the right direction. I can imagine it drives him a little crazy from time to time that we haven’t solved this, or at the very least I imagine he would feel somewhat fulfilled if we can solve it. A creator of anything wants to see their work absorbed and valuated, especially something as complex and time-consuming as this.


a couple questions, the 21 into 1 hint has /*! at the beginning, from what I read does this mean it’s not supposed to be compressed? If so why have it there when it was just taken from the page?

in the hex file, at the end there is [/] . I looked that up too and I think it’s an error because something is supposed to go there,like login information and port numbers, I,“Think”. Can some clarify those for me please?

also if you take the first 12 digits of the hex starting at b32… and just count the first 12 numbers, it equals 47. I did this for all sets of 12 numbers and 3 rows equal 47. will report back on this later after more work.


Would it be possible that maybe those are padding? Perhaps as a way to make the entropy look more random than it actually is?


Wow, some activity. Was about to share this interesting twitter account. The devs own twitter account mentions some of their posts. Might not be related to this arg but still interesting.


Anyway, i need some help. Those arrays of graffiti and pizza boxes still bother me. I want to take another look need centered screenshots of them or at least the console command to center it myself.

That would be nice.


It was found in several JavaScript (.js) files, each of which did nothing but preload some images for the page it was used on.

if (document.images) {
	img1 = new Image();
    img1.src = "/galleries/bp/bpheader.jpg";
	img2 = new Image();
    img2.src = "/galleries/qe/qeheader.jpg";
	img3 = new Image();
    img3.src = "/galleries/st/stheader.jpg";
	img4 = new Image();
    img4.src = "/galleries/xmas/xmasheader.jpg";
 *Oh hai there, someones bein a nosy bounder aren't they...
 *Looking for ARG related stuffs?
 *I have a hint for you
 *21 goes into 1
 *Don't trust anyone, it's not safe.

In JavaScript, /* marks the beginning of a multiline comment, and */ marks the end of the comment. /*! tells some JavaScript compressors or minifiers to leave the comment in in place in the minified .js file. Usually, the minifier will remove all comments when creating the minified JavaScript code.

I don’t know why the /*! is there, since the .js files weren’t minified.

But there’s one funny thing about it, though: The ASCII code for ! is 33 in decimal, which is 21 in hex.

In IRC clues 4 and 5, and HALOS.txt, which all had inner codes, the code was wrapped inside a [OTR//x.0] (where x is an increasing number 2, 3 and 4 for each puzzle) and a [/]. The [OTR//x.0] probably acts as a header, marking the start of the code, and the [/] is the terminator, marking the end of the code.

The following console commands should give you a nice overview look of the pizza array:

map background12
ent_fire point_viewcontrol disable
sv_cheats 1
cl_leveloverview 0.65
setpos -3728.713379 2592.258789 1688.988403;setang 0 90 0

Why not use the coordinates directly? You could enter them into an Excel sheet and create a chart or something, as I did once. You can find the coordinates for all the pizza boxes here, and graffiti here.


This twitter account has been around for a bit, its made by a fellow who makes old school source maps and such. I asked him about it a ways back and its just for fun.


Hey, if you guys haven’t checked out the Xen trailer yet, do it!

The art and level design, as well as what story can be inferred from the scenery, looks to be exemplary, and no matter what happens with this ARG, I predict it will all have been worth the wait.

EDIT: I’m not sure why this would matter, but some info from the four codes can be derived:

1001-0851 = 150
3914-0914 = 3000

3000/150 = 20 which is the same number of characters needed for the SECOM code (even though we wouldn’t have known Code D until it was solved). Perhaps it was simply done that way so that if somehow someone thought to multiply the 150 by the number of characters needed for the SECOM cipher, and then tried the result of Code C plus 3000, they could have used the resulting Code D and maybe “brute forced” their way to the next part of the puzzle.


Maybe this was in place just in case we never figured out the key to the SECOM cipher? Otherwise, I really have no theories as to why the codes A-D are like that. Any thoughts as to how they might help us going forward?


right now I’m liking a multi grill cipher, or a rotating grill cipher. mark an x, rotate grill counter clockwise, mark z, rotate counter clockwise etc etc…


Anything come of it?

EDIT: Now that you bring it up, this is a pretty solid line of reasoning here.

I mean, the pizza clue was called “grilledpizza.jpg,” and we also have the pizza boxes and “the pizza is a lie!” messages that both appear to be in a grille “layout,” as seen below:

The question is, what would we use it on? Yes, we could use it on the Hex code, but we would have to use it on the non-hex version of it. We could also try using the message on the grilledpizza.jpg page–there has to be some reason for it being there. Otherwise, Storm could have simply included it in another IRC clue.

I’m at work now, but I can see what I can come up with a bit later on today when I get home. Has anyone already tried this? I know it has been mentioned before, but curious if anyone ever followed through with it.

Interestingly, if you add up the number of pizza boxes and “the pizza is a lie” messages, you get 21. Could these be our 21 characters needed for a key, as possibly mentioned in the “21 into 1” clue?

I threw something together real quick (yes, it’s very, very bad). I tried to keep the lines as close as I could, but a lot of the pizzas ended up off-center, while others were closer. There are a couple that are out of line with others, so I’m not sure if that just means the graph should have larger/smaller spacing, or what. Anyway, I ended up with 285 squares (15 x 19)–this is just a few characters shy of the character count in the non-hex message (that has 327-330). I’m not sure if this is helpful at all, but it does indicate that a grille is possible (perhaps even likely). I can improve on this a bit later today when I get home, or maybe someone with a bit more time and skill can beat me to it.


Let me know what you all think.


The problem I have with the Array of Pizzas and the Wall of Lies is that these first showed up in the Steam release of Black Mesa, which was some 2.5 years after we got the HALOS file puzzle. It doesn’t make any sense to give us a gateway puzzle with a key piece missing, and the puzzle is therefore essentially put on hold, and shortly thereafter give us a hint that time will reveal all things, then 2.5 years later give us the final piece, but then continue to say that time will (still) reveal all things.

I messed a bit with this in Excel using the actual coordinates a while back (however, in that post I was mostly concerned with attempting to composite the two arrays).

Here are the actual map coordinates taken from the map source files:

Array of Pizzas

-3679.83 2652.08 1321
-3679.39 2783.87 1312.22
-3787.11 2738.79 1312.22
-3573.8 2678.37 1312.22
-3687.61 2457.59 1312.22
-3912.47 2468.5 1312.22
-3935.43 2780.21 1312.22
-3733.33 2861.61 1312.22
-3519.22 2580.52 1312.22
-3568.73 2331.33 1312.22

Array of Graffiti

-1429.06 480 322.746
-1348 480 385.327
-1566.85 480 430.045
-1595.59 480 315.546
-1387.84 480 269.476
-1291.63 480 319.204
-1458.87 480 402.366
-1522.54 480 292.418
-1610.97 480 228.147
-1406.43 480 226.742
-1379.01 480 449.491

What I note about the coordinates is that they don’t seem very adjusted or rounded. Two of the pizzas appear to have been placed near the same Y axis, but there is still a 45.08 unit difference in the Y coordinates between the two.

If I were to make a grille, I would probably calculate the positions of pizzas according to a grid, and the two pizzas that seem to be close to the same Y axis, would have landed on the same Y coordinate. But of course, it is also possible that a helper grid was placed on the map as a guide, and then the pizza boxes were placed “by hand” in the grid without worrying about exact coordinates.


Here is what gave me the idea. You may or may not have played the most recent version of Uplink, it was made to go with the legacy version of Black Mesa. In it there are a couple of things to find. One is a purple top hat like in BM, also, there is a rotated cipher on a clipboard that ask where is code D. So at the beginning of Uplink, you can find several different types of computers and hardware running. One has the digits 1-9 out of order, almost like a suduko puzzle. Then there is a graph that has several points on it. One another screen, you will see what looks like the graph running from left to right, then another color graph running up and down. So I’m thinking, combining these 2 may yield something. I messed with it a little, but again doing it by hand, there are a lot of variations I have yet to do, like text front to back, back to front and so on.

also, it doesnt have to necessarily start at 0. Also, I included a couple images of what looks like audio, I dont know what the proper name for it would be, If you count from left to right the 8 digits, then count the squares up to the highest apex, it equals 21. That might be a bit of a reach though. Or maybe even start at 2 and go backwards 2…1…


Don’t forget we have a second wall of lies. Coolant tank in map background14.


Coordinates in case anyone is interested in those.

Second Wall of Lies (background14)

344 1413.71 -921.91
344 1410.43 -863.767
344 1482.74 -929.483
344 1479.22 -862.519
344 1412.53 -796.695
344 1483.23 -797.234


One of the phrases written in the image from Uplink, which you posted earlier in the thread, was “Dr. Bottomley must pay”. That seems to be a mistake. It is in fact Dr. Stone who must pay. Dr. Bottomley was Dr. Horn’s friend. At least, they both had access to the secret labs X01/X02 and must have been working together. Remember, Code D was addressed to Dr. Bottomley.

Anyway, this tells me that whoever made Uplink isn’t connected to the ARG in any way, since they made such a basic mistake. They are probably just a fan of Black Mesa and the ARG, and put these things in Uplink as Easter Eggs for fun.


The image you are talking about, I did not find in uplink, I found it while scouring the net. The image that has the gent with the red writing all over it, saying the pizza is a lie, steals it, eats it. Where did that picture actually come from? I have not been able to find where and when it showed up. As for the bottomley must pay image, like you say its likely not related to the arg, being that there are several things written on the image, it seemed somewhat like a promo for uplink. As for the resources used in uplink, I still think there could be something there as for the picture I posted earlier today. It doesnt necessarily have to be THE answer, but it could be close to what we might have to do. Lining up the arrays on top of each other would be hard to just guess the orientation of the proper line up. What if the proper orientation when the 2 are lined up on top of each other goes in a high low or low high order. Just spitballing. Pretty much every computer in game that shows the streaming graphs, it shows 3 different graphs scrolling, that have the zig zags. Being that there are 3, and then you see another one that looks like it has 4 overlaid on each other, perhaps the 3 are a process of elimination for the 4th.


It turns out it came from the moddb page.

We got that image from the Tempus omnia revelant wiki page, which was created by Dr. Horn.

If you are referring to the pizza and graffiti arrays, then yes, they are oriented in completely different planes of orientation (XY, XZ and YZ), and have completely different offsets with respect to origin, with no obvious points of reference that could help with alignment.


Yesssirrr, I’ll be workin on that for the next day or two.


Warning: this is going to be technical, where I’ll be continuing a line of thought from a few weeks ago, focusing on the block cipher theory.

From the OTR protocol spec:

So, what we have is AES encryption, using a 128-bit key, performed in counter mode (AES128-CTR), which requires an intial counter value in addition to the key. One feature of the counter (CTR) mode is that it doesn’t require the message to be a multiple of the block size of the block cipher, which is 128 bits in the case of AES. And that’s a good thing in our case, since the “non-hex” code isn’t an even multiple of 128 bits (or 16 bytes). So, for this theory, I’m assuming the 64-bit block size of the HALOS code is either a coincidence, or something done deliberately to confuse us.

According to the OTR spec, for the first message, the initial counter value should be (in hex):

00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00

and then, during decryption, for each block of the message, the counter will be incremented, like this:

00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01
00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 02

However, if we look at the HALOS.txt message, we find ?OTR,3,4, in the header. According to the OTR protocol spec, ?OTR,3,4, means that this is message piece number 3 of 4. This could be a hint that the initial counter value should be:

00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 00

Or, maybe it’s just a hint that the HALOS code is just one of many messages, where the number of messages is unknown, so we’ll need to increment this number an unknown number of times, and try decryption for each value of the initial counter.

Another possibility could be that what we have is indeed the third message, as indicated by the ?OTR,3,4,, but just a fragment of a larger message starting from some arbitrary block number, and therefore, we have to increment the lower part of the counter instead.

However, we still need the correct key. So, potentially, we may need to try this with a lot of potential keys, which could take a very long time, depending on how far into the 64-bit number space we are going to increment into. Incrementing through all the 18446744073709551616 possible values of a 64-bit number just isn’t feasible.

And then there are all the potential problems related to how to convert a password or passphrase to a 128-byte key. Do we need to hash the password, or just pad it? If we just need to pad it, do we pad it with null bytes, spaces, or some other character?

In order to test this theory, we are going have to do some programming. But, with many unknown variables still in the equation, we risk doing a lot of time consuming work with nothing to show for it.


According to the OTR spec, a fragmented message that has been split into several pieces, still counts as one message, and the fragments would have to be reassembled before decrypting the message. Therefore, there is no link between the piece number in the OTR header (?OTR,3,4,) and the number in the upper half of the initial counter value. The message number, and hence also the initial counter value, could therefore be unknown, since we don’t really know if the encrypted message is the first (and possibly only) message, or any one of several messages in a larger transmission. The fact that we have the [ABORTIVE.] towards the end of HALOS.txt, might suggest that we only have a partial transmission, or even just a partial message.


Flavrans, how likely could it be that we are working with some sort of stream cipher?


Based on the properties of the 752 hex code alone, I’d say it’s just as likely that we are working with a stream cipher as a block cipher. Most, if not all, modern stream ciphers are capable of producing a ciphertext with the kind of entropy that we see in the 752 hex code.

The question is, is there anything in the clues that could support the idea that it is a stream cipher?

The most commonly used stream cipher is RC4 (aka. arcfour), which has been widely used on the web in SSL/TLS traffic, but has now been found to be insecure and replaced by ChaCha (which is based on the Salsa20 cipher [tacos anyone?]), or AES based ciphers.

RC4 can take a key with a size of 40-2048 bits, and doesn’t need an initialization vector (IV).

Note that the CTR (counter) mode of operation, as well as the CFB (cipher feedback) and OFB (output feedback) mode, are actually turning a block cipher into a stream cipher.