-
Notifications
You must be signed in to change notification settings - Fork 4
04. Telephone
r1oga edited this page Oct 28, 2022
·
1 revision
Claim ownership of the contract.
A conditional requirements uses tx.origin.
-
tx.origin (address payable): sender of the transaction (full call chain) -
msg.sender (address payable): sender of the message (current call)
In the situation where a user calls a function of contract 1, that will call a function of contract 2:
| at execution contract 1 | at execution in contract 2 | |
|---|---|---|
msg.sender |
user's address | contract1's address |
tx.origin |
user's address | user's address |
Deploy an attacker contract.
Call the changeOwner function of the original contract from the attacker contract to ensure tx.origin != msg.sender and pass the conditional requirement.