Open in app

Sign in

Write

Sign in

#8 — Ethernaut Challenge 8— Vault

Rahul Pujari
Coinmonks
Published in
2 min readDec 28, 2022

--

Objectives of the challenge:

  • Unlock the vault to pass the level

Understanding the code:

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract Vault {
  bool public locked;
  bytes32 private password;

  constructor(bytes32 _password) {
    locked = true;
    password = _password;
  }

  function unlock(bytes32 _password) public {
    if (password == _password) {
      locked = false;
    }
  }
}

The code declares a public variable locked, a boolean-type variable that will check whether the vault is locked. There is also a private variable named password that is of bytes32 type. This password may be private, but it is still accessible, as we shall see. The constructor marks the locked variable as true and sets the password a _password that comes with the deployment from the deployer.

The unlock function accepts the _password as the parameter and unlocks the vault if the password matches.

New to trading? Try crypto trading bots or copy trading on best crypto exchanges

How to hack this contract?

  1. Fire up the console on the Ethernaut page and get a new instance.
  2. Let’s check if the vault is truly locked or not by checking await contract.locked(). It should return true meaning that the vault is locked.
  3. Now, let’s use web3js — go ahead and type in await web3.eth.getStorageAt(contract.address, 1). This command just checks the storage of the contract and what’s available(well, shocker: your private variables are also visible) in the memory slots of the contract. So, we pass in the value of 1 to get the password, and if you want to get the value of the locked variable, you can input 0. This happens because of how we declared these two variables in order. So after you run this command, you get the password.
  4. Now all you have to do is contract.unlock(“x”), where x is the password you got in the previous step.
  5. Check await contract.locked() to ensure that locked is now false and submit instance!
  6. Congratulations! You unlocked the vault!

If you found this blog helpful, please follow and clap for more similar content!

Thank you for reading this far.

Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing

Also, Read

Solidity
Smart Contract Security
Blockchain Security
Smart Contracts

--

--

Rahul Pujari
Coinmonks

Written by Rahul Pujari

13 Followers

I am a student in a university in India, I talk about web3 tech and blockchain because I am a web3 enthusiast!

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams