4

There is a contract which source code tells that the contract address had been generated in advance (there is a comment there), before the contract was uploaded to the network.

The address beginning is quite unusual: 0x000000...

As you can see, it shows that address was specially generated to have these zeros. One can think that these zeros are the simple luck, but the contract uses two additional addresses to its purposes and they begin 0x100000... and 0x200000...

How is this possible to upload th contract to the specific address and do this mean that the author have a privat key for the contract as it have been generated in advance?

Jink
  • 43
  • 2

1 Answers1

1

How is this possible to upload a contract to a specific address, and does this mean that the author has a private key for the contract as it has been generated in advance?

The address for a contract is computed from the address of its creator (sender) and how many transactions the creator has sent (nonce). The sender and nonce are RLP-encoded and then hashed with Keccak-256. See this answer for more details.

So to answer your question, it is indeed possible to upload a contract to a specific address by calculating that address in advance (as described above), but this fact does not imply that the author has a private key for the contract.

Note that the author of a contract doesn't really a private key for it, because they can simply implement and restrict specific functions to themselves.

goodvibration
  • 26,003
  • 5
  • 46
  • 86
  • So, as I understand to deploy a contract to the specific address X one have to use an address Y which gives (with a certain nonce) the desired contract address?

    So it's possible to set the nonce to a specific value and go over a pile of random addresses checking if one of them gives the desired contract address. One will have to check really many addresses to find that one. Is there an app to do it?

     – Jink Mar 01 '20 at 02:49
  • I understand that authors can implement a specific function to themselves but as I know, such a function will be clearly visible through the source code and there is no way to hide it, am I right? Whilst the existence of the private key cannot be revealed by anyone. – Jink Mar 01 '20 at 02:50
  • @Jink: For your first question - no. In my answer above, I did not suggest that you can choose any address that you want and be able to find a way to deploy your contract to that address. I just said that it is possible to upload a contract to a specific address. It doesn't mean that you can choose that address at will. It only means that you can know it in advance (i.e., before you deploy the contract). – goodvibration Mar 01 '20 at 09:38
  • @Jink: For your second question - yes. – goodvibration Mar 01 '20 at 09:38
  • So, if it impossible to choose the address to deploy a contract at will how it is possible that the contract was deployed to the address 0x000000...? It is obvious that the address was chosen, because, as I said, the author use two similar addresses 0x100000... and 0x200000.... – Jink Mar 01 '20 at 14:20
  • @Jink: I've seen addresses starting with 0x000000. If the address looks "more artificially-made" (than just starting with a few zeros), then please post the relevant code of that contract, and I might be able to refer to your question more specifically. – goodvibration Mar 01 '20 at 14:23
  • Sure: here is the contract: https://etherscan.io/address/0x0000009d48b12597675a02fca9c317eadef152cb Pay attention to other addresses which are used by the authors and which are written in the contract. These addresses looks as a sequence, like 0x0... 0x1... 0x2... – Jink Mar 03 '20 at 15:09
  • Moreover, the authors have written, that the contract address had been generated beforehand, it is said on the line #230. – Jink Mar 03 '20 at 15:20
  • @Jink: So all 3 addresses look like valid entities on the blockchain, when you explore them on Etherscan. The first one is the address of a contract, and each one of the other two is the address of an external account (aka wallet). The fact that they all have a few zeros at the beginning is just a matter of coincidence I believe. – goodvibration Mar 03 '20 at 15:21
  • @Jink: Beforehand - as I explained in the answer, if you concatenate your account's public address and your account's nonce (number of transactions executed with this account), and then hash that string using keccak256, then you get the address of the contract that you will deploy with this account (if you deploy it before doing anything else with this account). So of course the author has generated this address beforehand - there is no problem doing that. – goodvibration Mar 03 '20 at 15:24
  • Alright, I got it, thanks for the answers! Nevertheless, I still think, there is a way to generate a special contract address. Of course, it's impossible to generate the full-sized address, but one can set an aim to have special symbols in the beginning, like those six zeros in the example and then try to hash as many wallet addresses as you can to find an address which gives a result you need. – Jink Mar 04 '20 at 03:23
  • And I've found an app to do it! For instance, here is an address: 0xd33a71061799e3a7bcf6aaedf1653d772f12a5a6 And it gives the contract address, which beginning is "900d" like the beginning of your nickname.The more chosen symbols one want to have, the more time it takes to generate an address. – Jink Mar 04 '20 at 03:31
  • @Jink: Well, like you said - just trying a lot until you get something that satisfies your requirement. Nothing special about this method. And in any case, my answer refers to your question of how to know the contract address before deploying it. – goodvibration Mar 04 '20 at 07:50