Ethernaut-Delegation — “dangerous” delegatecall

Eszymi
Coinmonks
3 min read, Aug 24, 2022


Delegatecall is a very specific function which, used rashly, can be very dangerous. Used after some reflection, however, it gives plenty of facilities and possibilities. What does this function actually do?

When a contract makes a function call using delegatecall it loads the function code from another contract and executes it as if it were its own code.
EIP-2535 Diamonds

This sounds powerful, doesn't it? Let's look at the example contracts from
Solidity by Example.

Example contract using delegatecall

In this example, when someone calls the function setVars on contract A, a delegatecall is made. Looking inside the delegatecall, we see that it calls the function setVars(uint256) on the contract whose address equals _contract, passing _num as the argument. Thanks to delegatecall, the setVars function from contract B starts executing. But here is the core of it: if this function changes the value of any variable, the change happens not in contract B but in contract A. How does setVars from contract B know which variable to change? By name? No, not by name. To understand this, we need to know that Solidity saves every state variable in storage, and a function executed via delegatecall works on storage slot numbers. What do I mean by that? In contract B, setVars sets num (the variable in slot 0) to _num, sender (the variable in slot 1) to msg.sender and value (the variable in slot 2) to msg.value. When we call this function via delegatecall, we set the variable in slot 0 of contract A to _num, the variable in slot 1 of contract A to msg.sender, and so on. Therefore it is very important to have the same storage layout in both contracts.

As you can see, delegatecall has great power. But with great power comes great responsibility, so we have to be careful when we use it.
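The two contracts described above, plus a third one with a different storage order, as an added example (not the post's own code and not the Solidity by Example listing it refers to); contract and variable names follow the post, while the Mismatched contract and its owner variable are assumptions made here to show what a layout mismatch does:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.5;

// Logic contract from the post: setVars writes slots 0, 1 and 2.
contract B {
    uint256 public num;     // slot 0
    address public sender;  // slot 1
    uint256 public value;   // slot 2

    function setVars(uint256 _num) public payable {
        num = _num;
        sender = msg.sender;
        value = msg.value;
    }
}

// Same layout as B: after a.setVars(address(b), 7) we get a.num == 7,
// a.sender == msg.sender and a.value == msg.value; b's storage is untouched.
contract A {
    uint256 public num;     // slot 0
    address public sender;  // slot 1
    uint256 public value;   // slot 2

    function setVars(address _contract, uint256 _num) public payable {
        (bool ok, ) = _contract.delegatecall(
            abi.encodeWithSignature("setVars(uint256)", _num)
        );
        require(ok, "delegatecall failed");
    }
}

// Different layout (assumed contract, not from the post): B's code still
// writes by slot number, so slot 0 (owner) receives _num (its low 20 bytes
// are read back as the address) and slot 1 (num) receives msg.sender as a uint256.
contract Mismatched {
    address public owner;   // slot 0: clobbered by _num
    uint256 public num;     // slot 1: clobbered by msg.sender
    uint256 public value;   // slot 2: msg.value, as intended

    constructor() { owner = msg.sender; }

    function setVars(address _contract, uint256 _num) public payable {
        (bool ok, ) = _contract.delegatecall(
            abi.encodeWithSignature("setVars(uint256)", _num)
        );
        require(ok, "delegatecall failed");
    }
}
```

Deploy B, then call setVars on A and on Mismatched with B's address and the same _num, and compare the public getters of each: A changes exactly the variables the names suggest, Mismatched changes the variables that happen to sit in slots 0 and 1.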

ABI

In example code, we see the function abi.encodeWithSignature, so let’s focus on the ABI.

The ABI is the method for encoding and decoding data into/out of the machine code.
Jean Cvllr

What does that mean? In my previous post, I wrote that all information in our electronic devices is stored in binary form. But I didn't mention the rules for converting one into the other. How, for example, do you turn a film or a song into a binary file? How do you write a computer game in binary form? It's a very difficult task, and every type of file does it differently, which is why we use a filename extension to tell the compiler how to convert one to the other. The ABI is the method for converting our contract, written in a form we understand, into machine code, and the other way round.

Inside the delegatecall we need to put something called a selector. Every function has its own selector (a bytes4 value), and functions like delegatecall or call can point to a function by its selector. To obtain a selector, we have two options:

bytes4 selector = bytes4(keccak256(bytes("transfer(address,address,uint256)")));
bytes4 selector = bytes4(abi.encodeWithSignature(…));  // abi.encodeWithSignature returns bytes; its first four bytes are the selector, so the bytes4 cast (Solidity 0.8.5 and later) is needed

If you want to get more information about ABI, I recommend this awesome post.

The statement that every function has its own selector is always true with one exception: the fallback function doesn't have a selector.

I hope you found this post useful. If you have any ideas about how I could make my posts better, let me know; I am always ready to learn. You can connect with me on LinkedIn and Telegram.

If you would like to talk with me about this or any other topic I have written about, feel free. I'm open to conversation.

Happy learning!
