OWASP WrongSecrets

🔍 Your Task

Find the secret hidden in the WrongSecrets repository. This challenge focuses on Web3.

💡 Look for: Configuration files, source code, environment variables, Docker files, or cloud infrastructure related to this challenge.

Secrets in smart contracts part 2

Our smart contract developer realized he wrote a secret to the chain and went back and wrote over it.

In this challenge, you need to read the variable named secret from the contract 0xCe793D588cd1Ee091290b4A1aE1D586B2a748eB4 on the Goerli EVM Testnet as it was before it got changed.

🔑 Enter the secret you found: 💡 Tip: Secrets are often strings, numbers, or encoded values. Copy and paste exactly what you find.

🔍 What's Wrong?

Why overwriting secrets on the blockchain does not get rid of them

The state of the chain can be verified for any point in time by executing the state updates up until a certain block.

Updating the state of the chain does not remove previous changes to state.

🔍 Your Task

Secrets in smart contracts part 2

Congratulations!