Alyx 2.0

First Step pastebin.com/5N3zkqVb

Here we have an IRC chat log with the following hints:

<D4rkGh0st> no dude she was talking aboutbacon

<D4rkGh0st> I wISh I COuLD TakE A stEpbaCKWaRdsANd CHaNgE WHAt I DId, DONt WoRrY FOR ME, fINIsh whAT WE StARTed. I KNoW WE CaNTtuRN BAckThe TimE buT We CAN StillREVErSEThE eVEnts. ALyX

We are hinted that its Bacon Code so we can asume the following:

uppercase = A
lowercase = B

Resulting ciphertext:

babbabbbabbbaabbaabaaabbbabaabbabbababbbbabbbabbbabababbbbbbabbbaaaabbbbbabbbaabbbabbbbabbaabbbbaabaabaabaabbabbbbaaaabbbbabbbababbaaabbab

Since decoding with that simple substitution doesn't give any readable output:
Y??THKYZZPX?PD????HTKG?D?XS?
it's clear that something is missing.
The text has the following hints: backwards, turn back, reverse.
From here we know that we need to do something in reverse to decode it properly.

Decoding

The Bacon alphabet uses 5 bits for each letter

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More โ†’

To decode, we reverse the bacon alphabet:

Original:
    B = aaaab
    C = aaaba
    D = aaabb

Reversed:
    B = baaaa
    C = abaaa
    D = bbaaa

So, we divide the ciphertext every 5 characters:

babba bbbab bbaab baaba aabbb abaab babba babbb babbb abbba babab bbbbb abbba aaabb bbbab bbaab bbabb bbabb aabbb baaba abaab aabba bbbba aaabb bbabb babab baaab bab

Then we reverse each group individually:

abbab babbb baabb abaab bbbaa baaba abbab bbbab bbbab abbba babab bbbbb abbba bbaaa babbb baabb bbabb bbabb bbbaa abaab baaba abbaa abbbb bbaaa bbabb babab baaab bab

Decoding gives the following output:
TINYDOTCCSLASHINEEDYOURHELP โ€“> tiny.cc/ineedyourhelp

Note:

a lot of you reversed the entire text instead.
That's a valid method too since all the bacon alphabet has 5 bits, but by doing that you need to make sure that the entire ciphertext you are reversing is multiple of 5, otherwise you are placing trailing bits on the front of the ciphertext, messing all the decode in cascade, for example:
I want to encode the letter Y in the word computer with reversed bacon:

normal Y = babba | reversed Y = abbab

Encoded letter using reversed:
    ABBAB
    ComPuter

separate in groups of 5 :
    ComPu ter
    ABBAB BBB  <-- BBB are trailing bits

Reversing each group:
    BABBA BBB

it will decode the letter Y, ignoring the trailing bits.

=============================================
but if you reverse the entire text like this:
    retuPmoC

then the you are working with:
    retuP moC
    BBBBA BBA  <-- the trailing bits end up on front

BBBBA is not a valid bacon code.

To overcome this problem you need to remove the trailing bits until the ciphertext is multiple of 5, then you can reverse the entire text and it will decode correctly because it won't place the trailing bits on the front messing everything up.

FAQ

Q: The first step is so retarded, just make it multiple of 5! why did I have to remove the last 3 letters?

A: My goal was to avoid people solving that step by copy pasting into an online tool only knowing that "it's bacon and its in reverse" without understanding how bacon was reversed or how bacon code works at all. But Reversing the entire text was not an intended method and removing letters was an unintended extra step needed to be able to solve it this way.

Second Step pastebin.com/WREq3E1s

The text is ciphered in caesar, aka ROT. the line number of each line indicates the number of rotations needed to decode that individual line.

dau, e jaaz ukqn dahl, xqp benop, opknu peia, e cqaoo, d pNz ocdn vn v kgvxzcjgyzm nj d xvi fzzk ocZ mzvg gdIf nvaz mchwy nbcm jumny cm jLcpuny hi iHy mbiofx bupy uwwymm ni cn von vatgvxl tkx bm pbee zxm uknmxyhkVxw hk wblveHlxw tm lhfx ihbgm a fwwv lg escw kmjw qgm sjw wpsuLdq ozg a lzafc qgm sJw twxgjw ugflafmafy.
Nzzw, eSp faoLep wTYv td ctrse mpwzh, fdp jzfc fdpcylxp ld alddhzco
E9:?7:]4@>^G_6A

So to decode we use rot4,5,6,7,8,15 and 47 for the last line.

hey, i need your help, but first, story time, i guess, i uSe this as a placeholder so i can keep thE real liNk safe since this paste is pRivate no oNe should have access to it but chances are it will get bruteforCed or disclOsed at some point i need to make sure you are exacTly who i think you aRe before continuing.
Cool, tHe updAte lINk is right below, use your username as password
thinfi.com/v0ep

The link is protected and we need to use "our" username as password. Since the message was originally sent to D4rkGh0st, we know that D4rkGh0st is the password.

Third Step pastebin.com/HM4FX3Cn

Here we have another password protected link.
The message on this paste ends with:

Come on, go back and show me why you are the one I trust to 
get me out of here, I'm pretty sure you missed two words...
put them together and use it as password for the private notes

which is basically telling us to go back to step 2 and find two hidden words.
We can notice some "random" capital letters spread across the first paragraph.

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More โ†’

You will notice something, all the capital letters are vertically aligned with a comma, which indicates that there is something going on in vertical.

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More โ†’

Uppercase = dash
Lowercase = dot
-... .-.. --- -.-. -.- = block

The first word is block

the other word is hidden on the translated sentence from line 15:

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More โ†’

Second word is chain

Password: blockchain

Final Step

Link to URL

The email SecretComms@protonmail.com can be found in the metadata of the linked image, the image also contains Ethan Collins Identificative Key on the bottom 1E6FF4D21A475.

You need to send an email to SecretComms@protonmail.com impersonating Ethan (placing Ethan's key on the body of the email) and somehow make Tom miss his shift so Alyx can escape.
If you do it successfuly, Tom will reply exposing his Identification key needed to solve the weekly F74A0D97B976E