Beginner FriendlyFoundry
100 EXP
Submission Details
Severity: high
Valid

Private Variables Aren't Really Private

Summary

Private variables are exposed on a live blockchain because all contract storage is public. In Solidity, `private` has a different meaning than "hidden": a private state variable can only be accessed from within the contract that declares it (not from other contracts or derived contracts), but its value is still written to public storage and can be read by anyone inspecting the chain.

Vulnerability Details

See Summary

Impact

Anyone can read the password, because every storage slot of the contract is readable over the blockchain network, regardless of the variable's visibility modifier.

POC

Deployed the contract with `make deploy`; the script's return value shows the address of the deployed PasswordStore:
0: contract PasswordStore 0x5FbDB2315678afecb367f032d93F642f64180aa3
Used cast to read the private variable directly from storage, slot 1 being the slot that holds the password string:
cast storage 0x5FbDB2315678afecb367f032d93F642f64180aa3 1
The command returns the raw 32-byte word:
Hexadecimal: 0x6d7950617373776f726400000000000000000000000000000000000000000014
Converting this 32-byte hexadecimal word to bytes gives:
Bytes:

  • 6d 79 50 61 73 73 77 6f 72 64 (chars 'm' 'y' 'P' 'a' 's' 's' 'w' 'o' 'r' 'd')

  • 00 × 21 (null-byte padding)

  • 14 (char '\x14'): the string length in bytes times two, 10 × 2 = 20 = 0x14. This is how Solidity stores a string shorter than 32 bytes: the data is left-aligned in the variable's own slot and the lowest byte holds length * 2.

The given hexadecimal string therefore corresponds to the following byte sequence:

myPassword\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x14
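A small decoder for the storage word shown above, added here as an example (it is not part of the original submission or of the PasswordStore code). It handles the short-string layout the PoC relies on and also the long-string case (32 bytes or more), where the slot holds only the encoded length and the bytes live at keccak256(slot); LONG_STRING_WORD is a constructed sample, not a value from the page.

```python
# Decode a Solidity `string` state variable from the 32-byte word returned by
# `cast storage <address> <slot>`. Added example, not the page's or project's code.

def decode_string_slot(word_hex: str) -> dict:
    """Decode one storage word holding a Solidity `string`.

    Strings of at most 31 bytes are packed into the variable's own slot:
    data left-aligned, lowest byte = length * 2 (lowest bit clear).
    Longer strings set the lowest bit: the whole word equals length * 2 + 1
    and the data is stored starting at slot keccak256(slot) (not read here).
    """
    word = bytes.fromhex(word_hex[2:] if word_hex.startswith("0x") else word_hex)
    if len(word) != 32:
        raise ValueError(f"expected a 32-byte word, got {len(word)} bytes")
    marker = word[-1]
    if marker & 1 == 0:  # short string: the bytes are right here
        length = marker // 2
        if length > 31:
            raise ValueError("inline string length byte exceeds 31 bytes")
        return {"inline": True, "length": length, "value": word[:length].decode("utf-8")}
    # long string: this slot only tells us how long it is
    length = (int.from_bytes(word, "big") - 1) // 2
    return {"inline": False, "length": length, "value": None}


# The word the PoC above read from slot 1 of the deployed PasswordStore.
PASSWORD_SLOT_WORD = "0x6d7950617373776f726400000000000000000000000000000000000000000014"

# Constructed sample (assumption for illustration): a 40-byte string stores
# 40 * 2 + 1 = 81 = 0x51 in its slot, with the data elsewhere.
LONG_STRING_WORD = "0x" + "00" * 31 + "51"

if __name__ == "__main__":
    print(decode_string_slot(PASSWORD_SLOT_WORD))  # inline string 'myPassword', length 10
    print(decode_string_slot(LONG_STRING_WORD))    # not inline, length 40
```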

Tools Used

Cast, Foundry

Recommendations

Never store sensitive information in a private state variable: on-chain storage is readable by anyone regardless of the visibility modifier.

Updates

Lead Judging Commences

inallhonesty Lead Judge
almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-anyone-can-read-storage

Private functions and state variables are only visible for the contract they are defined in and not in derived contracts. In this case private doesn't mean secret/confidential.

ihtishamsudo Submitter
almost 2 years ago