explaingit

margele/openzen

Analysis updated 2026-06-24

56JavaAudience · researcherComplexity · 5/5LicenseSetup · hard

TLDR

A work-in-progress reverse-engineered open-source version of the Zen Minecraft cheat client for 1.20.1 Forge, recovered from a Zelix-obfuscated jar using LLM-assisted deobfuscation.

Mindmap

mindmap
  root((OpenZen))
    Inputs
      Original Zen jar
      Minecraft 1.20.1
      Forge 47.4.20
    Outputs
      Buildable Gradle project
      Renamed classes
      Click GUI
    Use Cases
      Study Zelix deobfuscation
      Inspect cheat client internals
      Audit reported backdoors
    Tech Stack
      Java
      Gradle
      Minecraft Forge
      Enigma
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Study how Zelix KlassMaster obfuscation can be unwound with LLM assistance

USE CASE 2

Read source for a Minecraft Forge client mod that was previously a binary blob

USE CASE 3

Audit the reported login-time screenshot backdoor in the original Zen client

USE CASE 4

Use the project as a reference for building your own Enigma-driven deobfuscation pipeline

What is it built with?

JavaGradleForgeEnigma

How does it compare?

margele/openzenhappynewyear1995/uba-xlywnl/ai-app-generation
Stars564734
LanguageJavaJavaJava
Setup difficultyhardhardhard
Complexity5/54/55/5
Audienceresearcherdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · hard Time to first run · 1day+

Project is early, README is mostly Chinese, many features may not work, and original Zen contains documented backdoors so the upstream binary should not be run.

Released for study and research only, the original obfuscated bytecode has no license and recovered names may not match original intent.

In plain English

Open Zen is a work-in-progress, reverse-engineered open source version of a Minecraft client called Zen. Zen is a cheat client, the kind of modified Minecraft client that adds unsanctioned features for use against game servers. The target environment is Minecraft 1.20.1 with Forge 47.4.20. The README opens with a warning that the project is in an early stage and many features may not work yet, asking users to file issues or pull requests when they hit gaps. It is written almost entirely in Chinese. The original Zen jar was heavily obfuscated using Zelix KlassMaster: classes, fields, and methods were renamed to meaningless tokens, control flow was flattened, strings were encrypted, and invoke-dynamic calls were used to hide method references. The author describes using Anthropic's Claude Opus 4.7 to analyze the obfuscation, write a custom deobfuscator for the parts existing tools could not handle, and then guess sensible names for classes and methods with the help of an Enigma MCP server and Claude Sonnet 4.6. After about six hours of automated repair plus a small amount of manual fixing, the result is a buildable Gradle project rather than a binary blob. A portion of the cleanup involved the invoke-dynamic and string-encryption layers, whose master key is protected by a native library. The author found that the native library still loads and registers classes even without passing client authentication, which let the deobfuscation cover those parts of the code as well. The README spends a section on backdoors found in the original Zen. The analysis shows that on login, the client triggers a screenshot, and the Zen developer can request screenshots, scan and upload local files, or run remote commands. There is a linked BACKDOOR.md with details. Because of this, the project advises against running the original Zen at all. A standalone screenshot of an in-game click GUI is included for reference. Licensing is explicit: the original obfuscated bytecode has no license, and this repository's deobfuscated source, build scripts, and docs are released for study and research only. The author notes that some recovered symbol names are reconstructed from context and may not match the original developer's intent. Credits go to Claude, the Java Deobfuscator project, references to Themida and Zelix as the obfuscation tools, and the author's own Enigma MCP server.

Copy-paste prompts

Prompt 1
Build OpenZen against Minecraft 1.20.1 and Forge 47.4.20 with Gradle and report which classes still have placeholder names
Prompt 2
Walk through how the author used Claude Opus 4.7 and an Enigma MCP server to rename obfuscated symbols in Zen
Prompt 3
Read BACKDOOR.md and summarize exactly what the original Zen client sends to its developer at login
Prompt 4
Identify which parts of OpenZen's invoke-dynamic and string-encryption layers still depend on the native library
Prompt 5
Translate the Chinese README of OpenZen to English and flag any features the author marks as unfinished

Frequently asked questions

What is openzen?

A work-in-progress reverse-engineered open-source version of the Zen Minecraft cheat client for 1.20.1 Forge, recovered from a Zelix-obfuscated jar using LLM-assisted deobfuscation.

What language is openzen written in?

Mainly Java. The stack also includes Java, Gradle, Forge.

What license does openzen use?

Released for study and research only, the original obfuscated bytecode has no license and recovered names may not match original intent.

How hard is openzen to set up?

Setup difficulty is rated hard, with roughly 1day+ to a first successful run.

Who is openzen for?

Mainly researcher.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.