• Arthur BesseA
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    is this a trick question? i don’t see how the secret number is supposed to be secret at all; surely the call to the constructor must reveal it to everyone? (disclaimer: i don’t know much about how ethereum contracts actually work, but my impression is that (1) this doesn’t make any sense and (2) you could probably get funding for a business built around it anyway.)

  • tracyspcyOPM
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    BTW @cypherpunks@lemmy.ml was right. Anyone can view the contract deployment transaction and see the value of secretNumber that was passed as an argument to the constructor.

  • tracyspcyOPM
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    It is definitely a trick question and code intentionally made to be vulnerable to have fun finding what’s wrong and why it is bad practice to do so :)

  • Lixen@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    For those that want to have an actual go at it: when deploying it with hardhat for example, you can pass in Math.floor(Math.random()*1000) as the constructor argument in the deploy script, and then see if you can derive the number on the first guess.

    • tracyspcyOPM
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      The formula will return a specific result of uint256 type which will be used in constructor on deployment, right? 😉