17. Recovery
A contract creator has built a very simple token factory contract. Anyone can create new tokens with ease. After deploying the first token contract, the creator sent 0.5 ether to obtain more tokens. They have since lost the contract address. This level will be completed if you can recover (or remove) the 0.5 ether from the lost contract address.
The generation of contract addresses are pre-deterministic and can be guessed in advance.
From the Ethereum yellow paper, section 7 - contract creation:
If the sender is a contract instead of an EOA, the nonce is the number of contracts that contract created (yellow paper - 4. World State)
nonce: A scalar value equal to the number of transactions sent from this address or, in the case of accounts with associated code, the number of contract-creations made by this account.
For contract accounts the nonce starts at 1. (yellow paper - 7. Contract Creation)
The account’s nonce is initially defined as 1
- Instantiate level. This will create 2 contracts.
- Creation of
Recoverycontract --> nonce 0: -
RecoverycreatesSimpleToken--> nonce 1
- Creation of
- Compute the
addressof theSimpleToken:- sender = instance address
- nonce = 1
- Call the
destructfunction ofSimpleTokeninstance ataddress.
Contract addresses are deterministic and are calculated by keccack256(rlp([address, nonce])) where the address is the address of the contract (or ethereum address that created the transaction) and nonce is the number of contracts the spawning contract has created (or the transaction nonce, for regular transactions).
Because of this, one can send ether to a pre-determined address (which has no private key) and later create a contract at that address which recovers the ether. This is a non-intuitive and somewhat secretive way to (dangerously) store ether without holding a private key. An interesting blog post by Martin Swende details potential use cases of this.