Privacy

Unlock the contract by accessing private state data.

Vulnerable Code

Analyze the Solidity code below to find the vulnerability.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract Privacy {

  bool public locked = true;
  uint256 public ID = block.timestamp;
  uint8 private flattening = 10;
  uint8 private denomination = 255;
  uint16 private awkwardness = uint16(block.timestamp); // Use block.timestamp for uint16
  bytes32[3] private data;

  constructor(bytes32[3] memory _data) {
    data = _data;
  }

  function unlock(bytes16 _key) public {
    require(_key == bytes16(data[2]));
    locked = false;
  }

  /*
   * Potential STORAGE LAYOUT (check compiler specifics):
   * slot 0: locked (bool - 1 byte) + padding
   * slot 1: ID (uint256 - 32 bytes)
   * slot 2: flattening (uint8) | denomination (uint8) | awkwardness (uint16) (packed)
   * slot 3: data[0] (bytes32)
   * slot 4: data[1] (bytes32)
   * slot 5: data[2] (bytes32) => Slot to read
   */
}

Submit Explanation

Explain the vulnerability and how to exploit it.

Your Explanation

Hints (4)

Just a little peak

Hint 1

Hint 2

Hint 3

Hint 4

Explanation

Discomfort = Learning

Privacy

Unveil Explanation