In this post, we'll treat Walkthrough.sol introduced in my previous post as a learning tool to explore fundamental Solidity syntax — including variable declarations, access control, string hashing, and constructor logic.

/* Solidity can use /.../ as the delimited comments */
// as the line comments

// SPDX-License-Identifier: MIT
/* SPDX-License-Identifier tells tools which license applies.
It's required for verified contracts but is not enforced by the 
compiler itself. */

pragma solidity ^0.8.0;
/* The pragma directive specifies the compiler version required
to compile the contract. This helps avoid issues caused by
breaking changes in future Solidity versions. */

/* This contract's name is "Walkthrough". It does not need to be
in Walkthrough.sol, but anyName.sol. */
contract Walkthrough {
    /* 'string public password' creates a publicly readable
string variable. The 'public' keyword automatically generates a
getter function. All state variables are stored permanently on
the blockchain once the contract is deployed. */
    string public password;
    /* 'uint8' is an unsigned 8-bit integer, ranging from 0 to 
255. */
    uint8 public infoNum = 42;
    string public theMethodName = "The method name is method7123949.";
    /* 'bool' is either true or false.*/
    /* 'private' restricts access to within the contract, but the 
value is still publicly viewable on the blockchain. */
    bool private cleared = false;

    // constructor
    /* The constructor runs once at deployment. The 'memory'
keyword indicates the string parameter is stored temporarily
during execution. */
    constructor(string memory _password) {
        password = _password;
    }

    /* 'pure' This function neither reads nor modifies state. It 
returns a static string. */
    function info() public pure returns (string memory) {
        return "You will find what you need in info1().";
    }

    function info1() public pure returns (string memory) {
        return 'Try info2(), but with "hello" as a parameter.';
    }

    function info2(string memory param) public pure returns (string memory) {
        /* keccak256 is a built-in cryptographic hash function in 
Solidity returns a fixed 32-byte (bytes32) hash. Solidity doesn’t 
support string comparisons like Java or Python. So developers use
keccak256 to compare strings safely.*/
        /* The built in solidity function abi.encodePacked(...) 
flattens the string into bytes just like string.toByteArray() in 
Java. */
        if (
            keccak256(abi.encodePacked(param)) ==
            keccak256(abi.encodePacked("hello"))
        ) {
            return
                "The property infoNum holds the number of the next info method to call.";
        }
        return "Wrong parameter.";
    }

    function info42() public pure returns (string memory) {
        return "theMethodName is the name of the next method.";
    }

    function method7123949() public pure returns (string memory) {
        return "If you know the password, submit it to authenticate().";
    }

    function authenticate(string memory passkey) public {
        if (
            keccak256(abi.encodePacked(passkey)) ==
            keccak256(abi.encodePacked(password))
        ) {
            cleared = true;
        }
    }

    /* 'view' - This function reads state (cleared) but doesn't 
modify it. Use for on-chain reads. */
    function getCleared() public view returns (bool) {
        return cleared;
    }
}

--

🎁 Bonus: Understanding keccak256 in Solidity

In Walkthrough.sol, the password is verified using this line:

if (keccak256(abi.encodePacked(passkey)) == 
keccak256(abi.encodePacked(password))) {

🔐 What is keccak256?
keccak256 is a built-in cryptographic hash function in Solidity. It accepts arbitrary input (usually bytes) and returns a 32-byte (bytes32) deterministic hash. It is irreversible and collision-resistant.

This is Ethereum’s version of SHA-3, used extensively in:

  • Comparing strings (since == doesn’t work directly)
  • Creating unique IDs
  • Generating signatures
  • Building Merkle trees and proofs

🧠 Why is it used here?
Solidity does not support direct string comparison using == like other languages:

if (passkey == password) // ❌ Not allowed

Instead, both strings are converted to bytes and hashed and compared:

if (keccak256(abi.encodePacked(passkey)) == 
keccak256(abi.encodePacked(password)))

This works because

  • If two strings are identical, their hashes will also be identical
  • Comparing fixed-size bytes32 values is gas-efficient and secure

⚠️ Common Gotchas
Do not use abi.encodePacked() with multiple dynamic types (like string, bytes, or uint[]), as it may cause hash collisions.

keccak256(abi.encodePacked("abc")) ==
keccak256(abi.encodePacked("a", "bc"))

To be safe, use abi.encode() if you’re hashing more than one variable.

🧠 Conclusion

By dissecting Walkthrough.sol, we've explored fundamental Solidity concepts, including state variables, function modifiers, and secure string comparisons. Understanding these elements is crucial for developing robust smart contracts.

Try experimenting with this contract in Remix or your local development environment to solidify your understanding of Solidity's fundamentals.