Logic Bugs

Solidity Attack Vector #25: Shadowed State Variables

SecurityInfinity Research | 5 min read


When building smart contracts in Solidity, scoping is everything. Shadowing occurs when a variable in a local scope (like a function) or a derived contract shares the same name as a variable in a base contract.

The Problem

Solidity allows you to define a variable in a child contract that has the same name as one in the parent. However, this doesn't 'override' the variable in the way you might expect. Instead, it creates two separate storage slots.

```solidity
contract Base {
    uint public value = 10;
}

contract Derived is Base {
    uint public value = 20; // Shadowing!
}
```

If a function in Base reads value, it reads the slot holding 10; if a function in Derived reads value, it reads the slot holding 20. Code that looks like it shares a single variable is actually operating on two independent storage slots, which leads to confusing behaviour and inconsistent state.

How to Defend

1. Compiler Warnings: Modern Solidity compilers (0.6.0+) will warn you about shadowing. Never ignore these warnings.

2. Standardized Naming: Use clear naming conventions (e.g., prefixing state variables with s_).

3. Static Analysis: Tools like Slither (integrated here in BlockGuard) detect shadowing automatically.
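The following is an added example, not code from the original post, covering both shadowing forms the post describes (a local declaration shadowing a state variable, and a derived contract redeclaring a base variable) each beside a form that keeps one unambiguous storage slot; contract and function names are constructed for illustration. One caveat: from Solidity 0.6.0 onward, redeclaring a base contract's state variable is rejected by the compiler rather than merely warned about, so the Base/Derived pair above compiles only on older compilers, whereas the parameter-shadowing case below still compiles today with only a warning.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Case 1: a function parameter shadows the state variable. The compiler only
// warns, and the assignment writes the parameter to itself, so storage never
// changes: value() keeps returning 10 after setValue(99).
contract LocalShadow {
    uint256 public value = 10;

    function setValue(uint256 value) external {
        value = value; // parameter assigned to itself; state untouched
    }
}

// Hardened form: the parameter gets a distinct name and the state variable
// carries the s_ prefix, so no identifier can resolve to the wrong scope.
contract NoShadow {
    uint256 private s_value = 10;

    function setValue(uint256 newValue) external {
        s_value = newValue; // value() returns newValue afterwards
    }

    function value() external view returns (uint256) {
        return s_value;
    }
}

// Case 2: instead of redeclaring `value` in the derived contract (two slots),
// the derived contract initialises the inherited slot through the base
// constructor and, if it ever needs different behaviour, overrides the
// virtual getter rather than the storage.
contract Base {
    uint256 internal s_value;

    constructor(uint256 initial) {
        s_value = initial;
    }

    function value() public view virtual returns (uint256) {
        return s_value;
    }

    function baseReads() external view returns (uint256) {
        return value();
    }
}

contract Derived is Base {
    constructor() Base(20) {} // one slot, set to 20 for this contract

    function derivedReads() external view returns (uint256) {
        return value(); // baseReads() and derivedReads() both return 20
    }
}
```

Compiling `LocalShadow` with solc prints the shadowing warning the post refers to, which is the signal to rename the parameter as `NoShadow` does.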
