Unlock the vault to pass the level!

This is the contract’s code:

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract Vault {
    bool public locked;
    bytes32 private password;

    constructor(bytes32 _password) {
        locked = true;
        password = _password;
    }

    function unlock(bytes32 _password) public {
        if (password == _password) {
            locked = false;
        }
    }
}

First, we need to get an instance for the challenge:

  1. After connecting our Metamask wallet, click on “Get New Instance”:

    alt text

  2. After approving the transaction, the contract address will be shown in the browser’s javascript console:

    alt text

We need to make the locked state variable of the contract true. To do so, we need to call the unlock function, which verifies that you know the password, which is set at contract deployment.

Note that the password variable has the private attribute. However, private just means that the variable can only be accessed and modified from functions of that same contract. Even though a getter won’t be created for that variable, the blockchain state can always be queried. In this case, the password variable takes the slot 1, so we can query its value using this command:

cast storage 0xa7E278775E0f7e5dB408a8aaD54fEedd0b175BA1 1 --rpc-url $SEPOLIA_RPC_URL

alt text

Although it is not necessary, we can now convert that into bytes using whatever we like. I like python :P

from Crypto.Util.number import long_to_bytes
long_to_bytes(0x412076657279207374726f6e67207365637265742070617373776f7264203a29)

alt text

And now we can unlock the vault:

cast send 0xa7E278775E0f7e5dB408a8aaD54fEedd0b175BA1 "unlock(bytes32)" 0x412076657279207374726f6e67207365637265742070617373776f7264203a29 --rpc-url $SEPOLIA_RPC_URL --private-key $PRIVATE_KEY

and the challenge is solved!

alt text