To beat this level, we need to unlock 🔓 the vault.
The `unlock()` function relies on a private state variable, `password`.
Marking a variable `private` only prevents other contracts from reading or modifying the information, but it will still be visible to the whole world outside of the blockchain. You can access it if you know its index in the slots of memory.
Layout of State Variables in Storage
Any contract that exists has `32` bytes-sized slots of memory. These slots of memory are `2^256` bits long. They start at `0`, and they go all the way up to `2^256 - 1`.
Multiple, contiguous items that need less than `32` bytes are packed into a single storage slot if possible.
- Use `getStorageAt()` to get the storage at a specific position of an address.
Here, in our vault contract, in the very first slot we have `bool public locked`; on code compilation, it translates to storage slot `0`. And `bytes32 private password` translates to storage slot `1`.
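```javascript
// Read the raw 32-byte word in storage slot 1 of the instance, where `password` lives
const password = await web3.eth.getStorageAt(instance, 1);
// Pass the recovered value straight to unlock()
await contract.unlock(password);
```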
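The packing rule above can be turned into a small slot calculator, useful when auditing which variables share a slot and are therefore readable together. This is an added example, not part of the original write-up: it handles only fixed-size value types (no structs, arrays, mappings or inheritance), and the names `layout` and `readVar` are hypothetical helpers.

```javascript
// Added example: simplified Solidity storage layout for fixed-size value types.
function sizeOf(type) {
  let size;
  let m;
  if (type === "bool") size = 1;
  else if (type === "address") size = 20;
  else if ((m = /^u?int(\d*)$/.exec(type))) size = (m[1] === "" ? 256 : Number(m[1])) / 8;
  else if ((m = /^bytes(\d+)$/.exec(type))) size = Number(m[1]);
  if (!Number.isInteger(size) || size < 1 || size > 32) {
    throw new Error(`unsupported type: ${type}`);
  }
  return size; // size in bytes
}

// Assign each variable a slot and a byte offset, in declaration order.
function layout(vars) {
  let slot = 0;
  let offset = 0;
  return vars.map(({ name, type }) => {
    const size = sizeOf(type);
    if (offset + size > 32) { // does not fit in what is left: start a new slot
      slot += 1;
      offset = 0;
    }
    const entry = { name, type, slot, offset, size };
    offset += size;
    return entry;
  });
}

// Extract one variable from a 32-byte slot word as returned by getStorageAt().
// Items are stored lower-order aligned, so the offset counts from the right-hand end.
function readVar(slotHex, { offset, size }) {
  const hex = slotHex.replace(/^0x/, "").padStart(64, "0");
  const end = 64 - offset * 2;
  return "0x" + hex.slice(end - size * 2, end);
}

// The vault's two state variables, in declaration order.
const VAULT_VARS = [
  { name: "locked", type: "bool" },
  { name: "password", type: "bytes32" },
];
// locked -> slot 0, offset 0; password needs a full 32 bytes -> slot 1, offset 0
console.log(layout(VAULT_VARS));
```

`readVar` takes the hex word from `web3.eth.getStorageAt()` plus one entry from `layout()`, which is how a packed `bool` or `address` is separated from its neighbours in the same slot.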