Blockchain Pro

Ethernaut 12 Privacy Foundry Solution 2024 Tutorial

Ethernaut 12 Privacy Foundry Solution 2024 Tutorial

Source link

πŸš€ Ethernaut 12 Privacy Foundry Solution – 2024 Walkthrough Tutorial πŸš€

Welcome back, hackers! πŸ”’ In today’s tutorial, we’re diving into the Ethernaut 12 Privacy challenge. Get ready to find juicy secrets on the blockchain using Foundry.

πŸ“š Prerequisites πŸ“š

Before we start, make sure you’ve completed these prerequisites:

– Watch the first video in our series on how to get started with Ethernaut and set up your Foundry environment for tackling challenges:

– Clone the Ethernaut Foundry Solutions Repository on GitHub (don’t forget to leave a star πŸ˜‰):

πŸ‘¨β€πŸ’» Become a Certified Smart Contract Hacker πŸ‘©β€πŸ’»

If you’re looking to turn Smart Contract Hacking into a career, check out our full Smart Contract Hacking Course. Gain in-depth knowledge, practice with hands-on exercises, and receive an official Smart Contract Hacker certificate, use the following discount link:

πŸŽ“ Understanding the Challenge:
In the Ethernaut 12 Privacy Challenge, the goal is to unlock the Privacy contract. We will have to find some secrets from the contract state and analyze its storage, that’s gonna be super interesting! We got a small tip to use other tools apart from Metamask, well… you already know that Foundry is our friend πŸ˜‰

The privacy smart contract has some public and private variables. The contract starts in a locked state, and you can unlock it by calling the unlock function with a specific key (third element of the data array). The constructor initializes the data array with values passed during deployment. Now the data state variable is a private array of 32 bytes, how can we read it? Maybe we can’t since it’s private? We actually can… Let’s see how πŸ˜‰

Storage Slots in Solidity:
In Solidity, storage slots are used to store and organize data within a smart contract. Each storage slot is a 32-byte space, and these slots are numbered starting from 0.Β 
Each storage slot in Solidity can hold 32 bytes of data.
State variables are allocated to these slots based on their size.
Different variable types occupy different amounts of storage space. For example, a bool takes one slot, a uint256 takes one slot, and so on.

Storage Optimization in Solidity:
Solidity employs storage optimization techniques to reduce the overall storage costs of smart contracts. Solidity tries to pack small variables into a single storage slot to make efficient use of space. For example, if you have several uint8 variables, Solidity may pack them together in a single storage slot (since they don’t occupy 32 bytes but only 1 byte)

After we understand how the EVM storage works, we can understand what the storage layout of the Privacy smart contract looks like:
Ethernaut Privacy ContractΒ StorageThe critical data we seek is stored in slot 5, specifically the last item in the data array.

We’ll use Foundry’s built-in tool, cast, to query storage slots systematically, starting from slot 0. Our focus is on finding the data stored in slot 5, which will be the key to unlocking the contract. From the command line, we can execute the following command:
`cast storage [contract-address] [storage-slot-number]`

Once we’ve located the data in slot 5 using cast, we’ll retrieve it as our unlocking key, and unlock the contract!

πŸŽ‰ Congratulations! πŸ₯³
By the end of this tutorial, you’ll conquer the 12th Ethernaut Privacy Challenge!

Subscribe to the YouTube channel for a continuous flow of knowledge, Stay tuned for the next tutorial! See you in the blockchain security playground! 🫑

See you in the next video! πŸ˜‰

00:00 Intro
00:45 Privacy Challenge Overview
01:50 The Privacy Smart Contract
02:45 EVM Storage Layout Explained
08:10 Breaking Down Privacy Storage Layout
09:22 Using Foundry Cast to Query Storage
11:48 Using Blockchain Explorer to Find the Key
12:36 Solving the Challenge

date : 2024-02-07 10:45:00

views : 165

likes : 10

rating :

found searching for foundry solidity tutorial

Leave a Comment

Your email address will not be published. Required fields are marked *