[Ethereum] Inspecting private variables of a contract

go-ethereum private solidity

In the Solidity documentation, it is written:

Everything that is inside a contract is visible to all external
observers. Making something private only prevents other contracts from
accessing and modifying the information, but it will still be visible
to the whole world outside of the blockchain.

I also read this answer.
Can anyone suggest a step-by-step process for inspecting private variables of a smart contract using the Ethereum data I stored on my system?

Best Answer

Assuming you have the source code for the contract in question, it's a two-step process:

  1. Determine, from the source code, the location(s) in storage that you're interested in.
  2. Call the eth_getStorageAt JSON-RPC method (perhaps multiple times) to retrieve the data.

Two of my blog posts might help:

If you do not have the source code, there are still a few things you can do. You can try to read the bytecode directly, you can use a disassembler to try to reconstruct the original source, or you can debug transactions to see where data is being written.
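
The two steps above, as an added example that is not part of the original answer: it maps a contract's variables to storage slots, builds the eth_getStorageAt requests, and unpacks the returned 32-byte words. The Vault contract, its layout, the addresses and the sample node responses are all constructed for illustration.

```python
# Hypothetical contract (an assumption, not taken from the post):
#   contract Vault {
#       address private owner;   // slot 0, bytes 0..19 (low-order end)
#       bool    private locked;  // slot 0, byte 20
#       uint64  private nonce;   // slot 0, bytes 21..28
#       uint256 private secret;  // slot 1 (does not fit in slot 0)
#   }
# Solidity packs consecutive small variables into one slot, first item low-order aligned.
LAYOUT = [  # (name, slot, byte offset from low-order end, size in bytes, kind)
    ("owner", 0, 0, 20, "address"),
    ("locked", 0, 20, 1, "bool"),
    ("nonce", 0, 21, 8, "uint"),
    ("secret", 1, 0, 32, "uint"),
]

def storage_request(address, slot, block="latest", req_id=1):
    """JSON-RPC body for eth_getStorageAt: [address, position, block]."""
    return {"jsonrpc": "2.0", "id": req_id, "method": "eth_getStorageAt",
            "params": [address, hex(slot), block]}

def decode_slot(word_hex, fields):
    """Unpack the variables that share one 32-byte storage word."""
    word = int(word_hex, 16)
    out = {}
    for name, _slot, offset, size, kind in fields:
        raw = (word >> (8 * offset)) & ((1 << (8 * size)) - 1)
        if kind == "address":
            out[name] = "0x" + format(raw, "040x")
        elif kind == "bool":
            out[name] = raw != 0
        else:
            out[name] = raw
    return out

def read_private_state(address, fetch):
    """fetch(request) -> hex word; in practice an HTTP POST to your own node."""
    state = {}
    for slot in sorted({f[1] for f in LAYOUT}):
        word = fetch(storage_request(address, slot))
        state.update(decode_slot(word, [f for f in LAYOUT if f[1] == slot]))
    return state

# Constructed responses standing in for a node: padding | nonce | locked | owner
SAMPLE = {"0x0": "0x" + "000000" + "000000000000002a" + "01" + "11" * 20,
          "0x1": "0x" + format(1337, "064x")}

def fake_fetch(request):
    return SAMPLE[request["params"][1]]

if __name__ == "__main__":
    print(read_private_state("0x" + "ab" * 20, fake_fetch))
```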