tracyspcy

Challenge: Can you identify what is wrong with this simple Solidity guessing game contract that makes it easy to cheat?

https://lemmy.ml/post/1250759

Challenge: Can you identify what is wrong with this simple Solidity guessing game contract that makes it easy to cheat? - Lemmy

Jun 14, 2023 at 11:50amWeb
Show threadtracyspcyJun 18, 2023
BTW @[email protected] was right. Anyone can view the contract deployment transaction and see the value of secretNumber that was passed as an argument to the constructor.
@cypherpunks - Lemmy

cultural reviewer and dabbler in stylistic premonitions

Show threadLixenJun 20, 2023
For those that want to have an actual go at it: when deploying it with hardhat for example, you can pass in Math.floor(Math.random()*1000) as the constructor argument and then see if you can derive the number on the first guess.
Show threadtracyspcyJun 21, 2023
The formula will return a specific result of uint256 type which will be used in constructor on deployment, right? 😉