The description hints at us that the *achVendID* and the *magicNumber* of the OTF files provided to us may be modified to include extra values. The structure of the OTF file is explained [in this external source](https://simoncozens.github.io/fonts-and-layout/opentype.html).

In order to retrieve all relevant data within the OTF file, I used the linux tool `ttx` to dump all relevant content into an XML document.
 

 

When viewing the resulting file, and looking at the *magicNumber* field, we get a hex value that (when decoded) gives us "s". The *achVendID* gives extra text which, when combined with the magicNumber field, gives us the flag prefix. This proves that the flag is being stored in this manner.
 

 

 

Therefore, we can automate this process on the rest of the font files. They are all ordered accordingly (with their index prepending the actual font name), which when combined with all of this will give us the flag. This python script will perform all of this.
```python3
#the flag is stored in each OTF's table, in the order [magicNumber]+[achVendID]
#first, we dump all the TTX
import os
from glob import glob
from lxml import etree
os.system("ttx *.otf")

#now, individually iterate through each ttx
flag = ["?" for _ in range(8)] #there are 8 font files
for ttx_name in glob("*.ttx"):
ttx = etree.parse(ttx_name)

#get the magic number; convert it to a character and start the flag part
magic_num = int(ttx.find("./head/magicNumber").get("value")[2:],16)
flag_part = chr(magic_num)

#get the achVendID and add it to the flag
flag_part += ttx.find("./OS_2/achVendID").get("value")

#add our flag part, in order, to the flag
flag[int(ttx_name[0])-1] = flag_part #assuming each font file starts with the index

#print the flag and clean
print("".join(flag)[:-4]) #we print until -4 because the \x00 is there, atleast for me
os.system("rm *.ttx")
```
 

`shctf{th3r3_1s_always_s0me_h0p3_4r0und}`