Ethernaut “Telephone” problem.

Christian Ruink
Coinmonks
May 8, 2018


Brrbbb… Brbbb…

Third instance of a series covering the awesome set of security problems curated by Zeppelin Solutions at: Ethernaut.

This one is going to be really short, since the problem itself is pretty contrived and there’s not much to look at:

The Telephone contract

Claim ownership of the contract below to complete this level.

If you’re not completely new to Solidity, you should be able to read this and think: “Hmmm… how can tx.origin != msg.sender?” A quick Google search answers that question. tx.origin always refers to the address that made the original transaction (even if the contract you call goes on to call another contract, tx.origin still refers to your address), while msg.sender refers to the immediate caller of the contract currently evaluating the transaction.

As in most cases, you pwn a smart contract using another:

ring ring ring

Calling Patrick from any Ethereum address, passing the address you’re playing the Ethernaut game with as the parameter, will result in a win!

Conclusion

Though the exploit was rather obvious, it’s still a very good problem to reflect on the cases where you’d actually want to use tx.origin over msg.sender. There are some downsides (you can read them on a successful submit!) but it’s a bit hard to think of some upsides. Why don’t you post any you come up with here? I promise I’ll kick the thought back and forth with you : )
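To make the main downside concrete, here is an added example (not the level's code and not the author's contract) that puts an owner check based on tx.origin beside one based on msg.sender. The names Guarded, Relay, Seen and the function names are all hypothetical, and the pragma assumes a 0.8.x compiler.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration: every contract and function name here is hypothetical.
contract Guarded {
    address public owner;
    event Seen(address origin, address sender);

    constructor() {
        owner = msg.sender;
    }

    // Weak: passes whenever the owner's account started the transaction,
    // even if some other contract in the call chain is the one calling us.
    modifier onlyOwnerByOrigin() {
        require(tx.origin == owner, "origin is not owner");
        _;
    }

    // Hardened: passes only when the owner is the immediate caller.
    modifier onlyOwnerBySender() {
        require(msg.sender == owner, "caller is not owner");
        _;
    }

    function setOwnerWeak(address next) external onlyOwnerByOrigin {
        emit Seen(tx.origin, msg.sender);
        owner = next;
    }

    function setOwnerHardened(address next) external onlyOwnerBySender {
        emit Seen(tx.origin, msg.sender);
        owner = next;
    }
}

// Plain forwarder, used only to put one contract between the account and
// Guarded so the two values differ: tx.origin = account, msg.sender = Relay.
contract Relay {
    function relayWeak(Guarded g, address next) external {
        g.setOwnerWeak(next);
    }

    function relayHardened(Guarded g, address next) external {
        g.setOwnerHardened(next);
    }
}
```

If the owner's account calls relayWeak, the origin check passes and ownership changes even though the owner never called Guarded directly; the same call through relayHardened reverts because msg.sender is the Relay.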
