In solidity, “Private” variables can only be read by the contracts and is not accessible to the outside world. But, it is possible to access these data from outside the blockchain. Let’s see how we can read private data from smart contracts.
Table of Contents:
1. State Variable Visibility2. Storage layout in EVM3. Accessing private data using Ethers4. A small challenge5. Remediation6. Reference
State Variable Visibility
According to Solidity Docs, There are three visibility modifiers that users can use: public, internal, or private.
- Public: Public means that the variable can be accessed by the contract and by other smart contracts.
- Internal: Internal means that the variable can only be used with the contract it is defined in and its subclasses.
- Private: Private means that the variable can only be accessed within the contract it is defined. Trying to access it outside this contract gives a compilation error.
In Solidity, “Private” variables are not accessible to the outside world. But wait, if private data can only be accessed within the contract then how can we access these data from outside of the blockchain?We will come to it but let’s first understand storage layout in solidity.
Storage Layout in EVM:
The EVM (Ethereum Virtual Machine) stores smart contract data in a large array with a length of 2**256 in slots on the blockchain. Each memory slot can hold up to 32 bytes of data. The EVM stores smart contract state variables in the order that they were declared in slots on the blockchain. The default value of each slot is always 0, so we do not need to assign a value to 0 when the new declaration is.
Smart contract storage is optimized to minimize space. If two or more variables fit into a single 32-byte slot, they are packed into the same slot, beginning on the right.
Look at the following example for a better understanding of how storage works in EVM.
Storage for Dynamic data types:
Mappings and dynamically-sized array types cannot be stored “in-between” the state variables before and after. Instead, they are considered to occupy only 32 bytes and a different storage slot that is computed using a Keccak-256 hash of the elements they contain.
Accessing Private data from Blockchain:
To access Solidity smart contract private data we can follow the following steps. Here we will be using ethers.js for extracting data.
- First, we need to read the contract and understand the order in which the state variables are declared. Let’s suppose we want to access slot0.
- We can use ethers.js to read the memory slots of the contract on the blockchain. Use the below function:
await ethers.provider.getStorageAt(contract_address, 0); - It will return hex encoded value, we can simply decode it or use ethers utils functions or some sort of hex decoder to decode it.
Ethers.js Script:
You can also use the following js script to fetch private data from the blockchain.
Guide for running script:
- Install ethers from npm:
npm install ethers - Get a rpc_url of the required network from alchemy and add it to the above script.
- Change the contract address and slot in the below script and simply run the js code. Decode the returned hex value.
A small challenge:
Goerli link: 0x4c77de8a0ec0390826f87f227bb8762ab2189194
Objective: Change the value of pwned to true. You can use the above script to extract private data.
Remediation:
In the current state of the blockchain, do not keep sensitive private data in smart contracts. The safest method to keep your private information safe is to avoid storing it on a public blockchain.
All Comments