Skip to content
Permalink
Browse files

DOS bug fix and tests (#18)

  • Loading branch information...
drewstone committed Jul 1, 2019
1 parent 93ecb52 commit 6c5692d9d85cf1ab141bd8aec99e5dc3e971efef
Showing with 85 additions and 192 deletions.
  1. +0 −186 abi/Lockdrop.json
  2. +2 −2 contracts/Lockdrop.sol
  3. +37 −1 scripts/lockdrop.js
  4. +0 −1 test/1-lockdrop.spec.js
  5. +44 −0 test/3-lockdrop.spec.js
  6. +2 −2 truffle-config.js

This file was deleted.

@@ -61,8 +61,8 @@ contract Lockdrop {
uint256 unlockTime = unlockTimeForTerm(term);
// Create ETH lock contract
Lock lockAddr = (new Lock).value(eth)(owner, unlockTime);
// ensure lock contract has all ETH, or fail
assert(address(lockAddr).balance == msg.value);
// ensure lock contract has at least all the ETH, or fail
assert(address(lockAddr).balance >= msg.value);
emit Locked(owner, eth, lockAddr, term, edgewareAddr, isValidator, now);
}

@@ -25,6 +25,8 @@ program
.option('--edgewarePublicKey <publicKey>', 'Edgeware Public Key')
.option('--isValidator', 'A boolean flag indicating intent to be a validator')
.option('--locksForAddress <userAddress>', 'Returns the history of lock contracts for a participant in the lockdrop')
.option('--getNonce', 'Get nonce of lockdrop contract')
.option('--send <address>', 'Send 0.1 ETH to arbitrary address')
.parse(process.argv);

function getWeb3(remoteUrl) {
@@ -60,7 +62,7 @@ async function lock(lockdropContractAddress, length, value, edgewarePublicKey, i
// Ensure lock lengths are valid from the CLI
if (['3','6','12'].indexOf(length) === -1) throw new Error('Invalid length, must pass in 3, 6, 12');
console.log(`locking ${value} ether into Lockdrop contract for ${length} months. Receiver: ${edgewarePublicKey}, Validator: ${isValidator}`);
console.log("");
console.log(`Contract ${lockdropContractAddress}`);
const web3 = getWeb3(remoteUrl);
const contract = new web3.eth.Contract(LOCKDROP_JSON.abi, lockdropContractAddress);
// Format lock length values as their respective enum values for the lockdrop contract
@@ -186,6 +188,25 @@ async function getLocksForAddress(userAddress, lockdropContractAddress, remoteUr
return await Promise.all(promises);
}

async function getNonceForContract(lockdropContractAddress, remoteUrl=LOCALHOST_URL) {
const web3 = getWeb3(remoteUrl);
const nonce = await web3.eth.getTransactionCount(lockdropContractAddress);
return nonce;
}

async function sendTransaction(address, remoteUrl=LOCALHOST_URL) {
const web3 = getWeb3(remoteUrl);
const params = {
from: web3.currentProvider.addresses[0],
to: address,
value: web3.utils.toWei('0.1', 'ether'),
};
console.log(params);
const txHash = await web3.eth.sendTransaction(params);
console.log(txHash);
return;
}

const LOCKDROP_JSON = JSON.parse(fs.readFileSync('./build/contracts/Lockdrop.json').toString());
const LOCKDROP_CONTRACT_ADDRESS = process.env.LOCKDROP_CONTRACT_ADDRESS;
const EDGEWARE_PUBLIC_KEY = process.env.EDGEWARE_PUBLIC_KEY;
@@ -346,3 +367,18 @@ if (program.locksForAddress) {
process.exit(0);
})();
}

if (program.getNonce) {
(async function() {
const nonce = await getNonceForContract(program.lockdropContractAddress, program.remoteUrl);
console.log(`Lockdrop contract nonce ${nonce.toString()}`);
process.exit(0);
})();
}

if (program.send) {
(async function() {
await sendTransaction(program.send, program.remoteUrl);
process.exit(0);
})();
}
@@ -38,7 +38,6 @@ contract('Lockdrop-1', (accounts) => {
const lockEvents = await ldHelpers.getLocks(lockdrop, accounts[1]);
assert.equal(lockEvents.length, 1);
assert.equal(lockEvents[0].args.isValidator, true);

const lockStorages = await Promise.all(lockEvents.map(event => {
return ldHelpers.getLockStorage(web3, event.returnValues.lockAddr);
}));
@@ -0,0 +1,44 @@
const Promise = require('bluebird');
const utility = require('../helpers/util');
const ldHelpers = require('../helpers/lockdropHelper');
const { toWei, toBN, padRight } = web3.utils;
const rlp = require('rlp');
const keccak = require('keccak');

const Lock = artifacts.require("./Lock.sol");
const Lockdrop = artifacts.require("./Lockdrop.sol");

contract('Lockdrop-3', (accounts) => {
const SECONDS_IN_DAY = 86400;
const THREE_MONTHS = 0;
const SIX_MONTHS = 1;
const TWELVE_MONTHS = 2;

let lockdrop;

beforeEach(async function() {
let time = await utility.getCurrentTimestamp(web3);
lockdrop = await Lockdrop.new(time);
});

it('should not break the first lock of the lockdrop', async function () {
const sender = lockdrop.address;
const nonce = (await web3.eth.getTransactionCount(sender));
const nonceHex = `0x${nonce.toString(16)}`;
const input = [ sender, nonce ];
const rlpEncoded = rlp.encode(input);
const contractAddressLong = keccak('keccak256').update(rlpEncoded).digest('hex');
const contractAddr = `0x${contractAddressLong.substring(24)}`;

await web3.eth.sendTransaction({
from: accounts[0],
to: contractAddr,
value: web3.utils.toWei('1', 'ether'),
});

await lockdrop.lock(THREE_MONTHS, accounts[1], true, {
from: accounts[1],
value: 1,
});
});
});
@@ -52,8 +52,8 @@ module.exports = {

mainnet: {
provider: () => new HDWalletProvider(privateKeyHex, `${infuraPath}`),
network_id: 1, // Ropsten's id
gas: 8000000, // Ropsten has a lower block limit than mainnet
network_id: 1, // Mainnet's id
gas: 8000000, // Mainnet gas limit
confirmations: 2, // # of confs to wait between deployments. (default: 0)
timeoutBlocks: 200, // # of blocks before a deployment times out (minimum/default: 50)
skipDryRun: true // Skip dry run before migrations? (default: false for public nets )

0 comments on commit 6c5692d

Please sign in to comment.
You can’t perform that action at this time.