Is it possible to read any storage spot in a contract from another contract in EVM? I don't care if it is hackish or not.
My guts say that's not possible because it makes it possible to read internal or private variables like that, but I'd like to know for sure.
From http://solidity.readthedocs.io/en/v0.4.24/frequently-asked-questions.html#advanced-questions:
“memory” is used to hold temporary values. It is erased between (external) function calls.
All memory data, e.g. what you mentioned as "internal or private variables", will have been erased right after execution of the contract (or part of the contract). They do not even exist when you are trying to access them in another contract, so NO.
Contracts cannot read storage of other contracts. What they can do is call other contracts and get a return value. Thus, if the other contract provides a "getter" they can get storage data indirectly.
Note that "privacy" is not the reason for this. Everything on the blockchain is public, irrespective of the internal access model.
In theory, another indirect way of "reading" a storage slot of another contract is having an external party provide a Merkle proof for it that the contract verifies against a recent blockhash. However, that's relatively hard to implement, would cost a lot of gas, is asynchronous, and probably not worth the effort.
A contract can of course read any memory location of its own memory. But no, it cannot directly read any memory location from another contract.
