Developer interview

This is a multi-step technical exercise: a deliberately unsafe login demo (part 1), BitIndex comprehension (part 2), and a number-guessing “expensive API” unlock (part 3). The login uses a throwaway in-memory database that exists only inside this app.

Assessment only. Do not treat anything here as an example of how we build production software. The vulnerability is intentional and isolated from all real systems and data.

Start — part 1