Ethernaut (Lvl 17): Recover lost tokens

Find what's lost on the blockchain.

It's not uncommon for Solidity developers to encounter the challenge of misplacing the address of a newly created contract. This oversight can lead to frustration, especially when compounded by the loss of transaction receipts and other methods of tracing one's actions.

In such situations, it's essential to have alternative methods for retrieving the contract address. One approach involves examining the raw sender information associated with the transaction that deployed the contract. By delving into the details of the transaction, including sender addresses and transaction hashes, developers can often locate the contract address.

Another method involves leveraging external blockchain explorers such as Etherscan. These platforms provide comprehensive blockchain data, including transaction details and contract addresses. By searching for the transaction hash associated with the contract deployment, developers can quickly retrieve the contract address from platforms like Etherscan.

The Challenge

The challenge involves a very simple token factory contract. Anyone can create new tokens with ease. After deploying the first token contract, the creator sent 0.001 ether to obtain more tokens. They have since lost the contract address.

This level will be completed if you can recover the 0.001 ether from the lost contract address.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract Recovery {

  //generate tokens
  function generateToken(string memory _name, uint256 _initialSupply) public {
    new SimpleToken(_name, msg.sender, _initialSupply);

  }
}

contract SimpleToken {

  string public name;
  mapping (address => uint) public balances;

  // constructor
  constructor(string memory _name, address _creator, uint256 _initialSupply) {
    name = _name;
    balances[_creator] = _initialSupply;
  }

  // collect ether in return for tokens
  receive() external payable {
    balances[msg.sender] = msg.value * 10;
  }

  // allow transfers of tokens
  function transfer(address _to, uint _amount) public { 
    require(balances[msg.sender] >= _amount);
    balances[msg.sender] = balances[msg.sender] - _amount;
    balances[_to] = _amount;
  }

  // clean up after ourselves
  function destroy(address payable _to) public {
    selfdestruct(_to);
  }
}

We will solve this level using the second method listed earlier.

It is the quicker way to obtain the new contract's address from its creator, and Etherscan makes it straightforward.

  1. Navigate to Etherscan and search for your current contract by its address.

  2. Within the Internal Txns tab of your contract's page, locate the most recent contract creation transaction.

  3. Click on the corresponding link to access the details of the new contract created.

  4. Upon accessing the details of the new contract, you will find the new contract address displayed prominently at the top left-hand corner of the page.

  5. Get the address of the contract creator, Recovery.sol, in the console via instance.

  6. In Remix, using the Injected Web3 environment, load SimpleToken.sol at its address. Remember that the contract source has to be pasted into Remix so that its ABI is generated.

  7. Invoke destroy(YOUR_WALLET_ADDR) to withdraw the remaining 0.001 ether. As we learned earlier, selfdestruct will forward all remaining funds prior to destroying this contract.
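
The first method mentioned earlier needs no explorer: a contract created with CREATE gets the last 20 bytes of keccak256(rlp([deployer, nonce])) as its address, so the lost address can be recomputed from the creator alone. The code below is an added example, not part of the level or of the solution above; the names CreateAddress, RecoveryLocator and firstToken are hypothetical, and it assumes the lost token was the first contract the Recovery instance created.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example: recompute the address of a contract deployed with CREATE.
library CreateAddress {
    // RLP-encode the nonce as a scalar: 0 -> 0x80, 1..0x7f -> the byte itself,
    // otherwise a prefix (0x80 + n) followed by the n big-endian bytes.
    function rlpNonce(uint64 nonce) internal pure returns (bytes memory) {
        if (nonce == 0) return abi.encodePacked(bytes1(0x80));
        if (nonce < 0x80) return abi.encodePacked(uint8(nonce));
        uint8 len = 0;
        for (uint64 n = nonce; n != 0; n >>= 8) len++;
        bytes memory out = new bytes(uint256(len) + 1);
        out[0] = bytes1(0x80 + len);
        for (uint256 i = len; i > 0; i--) {
            out[i] = bytes1(uint8(nonce)); // lowest byte goes last
            nonce >>= 8;
        }
        return out;
    }

    // address = last 20 bytes of keccak256(rlp([deployer, nonce]))
    function compute(address deployer, uint64 nonce) internal pure returns (address) {
        bytes memory n = rlpNonce(nonce);
        bytes memory rlp = abi.encodePacked(
            bytes1(uint8(0xc0 + 21 + n.length)), // list header; payload is always < 56 bytes
            bytes1(0x94),                        // 0x80 + 20: a 20-byte string follows
            deployer,
            n
        );
        return address(uint160(uint256(keccak256(rlp))));
    }
}

contract RecoveryLocator {
    // Contract nonces start at 1 (EIP-161), so the first SimpleToken created by a
    // Recovery instance sits at nonce 1 (assumption: no earlier CREATE by it).
    function firstToken(address recoveryInstance) external pure returns (address) {
        return CreateAddress.compute(recoveryInstance, 1);
    }
}
```

The address returned by firstToken can be compared with the one shown on Etherscan's Internal Txns tab before it is loaded in Remix.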

Developer Tidbits

It's important to note that anonymity on the Ethereum blockchain is limited. Transaction traces and contract addresses can be publicly accessed and monitored by anyone. By analyzing these transaction patterns and monitoring future contract addresses, individuals can potentially uncover the real-world identity of Ethereum users. This level of transparency raises privacy concerns and underscores the importance of implementing robust security measures and adhering to regulatory standards to prevent illicit activities and ensure the integrity of the blockchain ecosystem.