2

I'm trying to get the value of private variables from web3.eth.getStorageAt() that requires 2 parameters, one is an address, and another is index position. So, I have 3 questions.

  1. How to get the index position? (How do I know that my desired variable's index is?)

  2. Is it possible to get the value of private variables from other contracts that I don't have any ABI of them?

  3. Is it possible to get the value of private variables from the contract by another contract? (No need front end client like web3js)

Improve this question

2 Answers 2

Reset to default
2

  1. It depends on the storage slot. If you have the Solidity code available, you can figure out the slot, see https://solidity.readthedocs.io/en/v0.6.6/miscellaneous.html#layout-of-state-variables-in-storage.

  2. The ABI actually doesn't help here, what you need is the source code. If you don't have the source code, you could try using a decompiler or reading the assembly. So yes, it's technically possible, but may be a bit more work depending on the contract.

  3. No, this would be a big security problem. You can rely on other contracts not being able to read private variables. Declaring variables as private is sometimes just for usability, but in some cases actually critical for the security. Just always keep in mind that anything that's not a contract can read private variables, so don't store private keys here for example.

Improve this answer
3
  1. If you are using foundry for development, the cast command line utility will give you entire storage layout for your contract.
    You'll have to give an rpc-url for the network and the blockscanner api key. Eg :
cast storage 0x6777DBf38f67B448174412bAaF21F38e058b1f4B --rpc-url https://polygon.llamarpc.com --etherscan-api-key <etherscan-api-key>
Improve this answer
0

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.