Task 4, is the first time that requires interaction with the blockchain.

[references for interacting with smart contracts]

We are tasked with determining all the victims for an Escrow contract and which ones have actually paid the ransom. There are multiple methods for determining this information, depending on if we want to analyze the Escrow or Register contracts and look at the contract storage or events generated by the contracts.

Below are the variables tracked by the Escrow contract:

    address owner;      //!< This is the account that deployed the Escrow contract
    uint ownerBalance;  //!< This is the account balance of the owner (i.e., fulfilled ransoms)
    address registry;   //!< This is the address of the Registry contract
    mapping(uint => address) vicToPayerMap; //!< Mapping from victim IDs to the account addresses that submitted payment
    mapping(uint => Victim) victimMap;      //!< Mapping from victim IDs to Victim structs
    mapping(uint => bytes32) decKeyMap;      //!< Mapping from victim IDS to decrypted ransom keys
    mapping(address => uint) ransomMap;     //!< Mapping from Ransom contract addresses to victim IDs
    mapping(uint => uint) escrowMap;        //!< Mapping from victim IDs to the amount of ransom payment received
    mapping(uint => string) encFileMap;     //!< Mapping from victim IDs to encrypted test files
    address[] ransomContracts;              //!< List of Ransom contracts registered with this Escrow contract
    address oracleAccount;  //!< Address of the off-chain authentication and decryption Oracle

A contracts storage can be examined using python Web3’s function <>.

# read variable in storage
w3.eth.getStorageAt('0x5449F8636F1886675cc6b3F491dD27b5A861fba7', 0)

# read array in storage, hash(<variable spot>)
hash = web3.Web3.soliditySha3(['uint256'], [9])
w3.eth.getStorageAt('0x5449F8636F1886675cc6b3F491dD27b5A861fba7', hash.hex()) # first element
w3.eth.getStorageAt('0x5449F8636F1886675cc6b3F491dD27b5A861fba7', hex(int(hash.hex(), 16) + 1)) # second element

# read mapping in storage, hash(<variable spot>, <vid>)
hash = web3.Web3.soliditySha3(['uint256', 'uint256'], [4, 0x23ece81486ba240261ecd43dc05abfe4b2fc2e9767554852b9131b8f45f83dd6])
w3.eth.getStorageAt('0x5449F8636F1886675cc6b3F491dD27b5A861fba7', hash.hex())

Code to get all contracts registered with Escrow

hash = web3.Web3.soliditySha3(['uint256'], [9])
contracts = []
for i in range(0, 0xd):
    contracts.append(w3.eth.getStorageAt('0x5449F8636F1886675cc6b3F491dD27b5A861fba7', hex(int(hash.hex(), 16) + i)))


After we have the list of contracts, they can be checked to determine which victims have paid the ransom.

This can be done by ransomContract->ransomMap->(decKeyMap or vicToPayerMap)

[checking map]

or we can check Events using

ev_filter = escrow.eventFilter('DecryptEvent', {'fromBlock' : 0, 'toBlock' : 'latest'})
events = ev_filter.get_all_entries()


Victims that have not paid:

Victims that have paid: