Challenge 26 ☆☆

Welcome to challenge Challenge 26. You need to guess the secret that is hidden in Java, Docker, Kubernetes, Vault, AWS or GCP.

Secrets in smart contracts part 2

Our smart contract developer realized he wrote a secret to the chain and went back and wrote over it.

In this challenge, you need to read the variable named secret from the contract 0xCe793D588cd1Ee091290b4A1aE1D586B2a748eB4 on the Goerli EVM Testnet as it was before it got changed.

Answer to solution :

You can find the previous state one of two ways.

  1. Find the previous block via a request to Infura:

    • Find the block number for any block after the contract was created and before it was updated.

    • Search for the storage state of the contract for that block. The below command is an example vs the infura API:

      curl https://goerli.infura.io/v3/${your-infura-key} \
      -X POST \
      -H "Content-Type: application/json" \
      -d '{"jsonrpc":"2.0", "method": "eth_getStorageAt", "params": ["${contract address}", "0x0", "${blocknumber}"], "id": 1}'
  2. Look at the contract creation on Etherscan:

    • Look under the contract creation transaction on etherscan

    • Go to state and look at storage

Why overwriting secrets on the blockchain does not get rid of them

The state of the chain can be verified for any point in time by executing the state updates up until a certain block.

Updating the state of the chain does not remove previous changes to state.