Vulnerability for Puzzle#2: Relay attack. In Puzzle#1, somebody have sent a tx with whose <SHA256 of subscribed email> in the unlock script.
VERIFICATION FAILED: When I tried to verify this vulnerability. I found the have changed oracle's PubKey this month. Crackers cannot replay signature. They can only replay mail hash