├── .gitignore
├── README.md
├── contracts
    ├── ColabBank.sol
    ├── Lock.sol
    └── v2
    │   ├── ColabBankV2.sol
    │   └── observations.md
├── hardhat.config.js
├── package-lock.json
├── package.json
├── scripts
    └── deploy.js
└── test
    ├── ColabBank.test.js
    ├── ColabBankV2.test.js
    └── Lock.js


/.gitignore:
--------------------------------------------------------------------------------
 1 | node_modules
 2 | .env
 3 | coverage
 4 | coverage.json
 5 | typechain
 6 | typechain-types
 7 | 
 8 | #Hardhat files
 9 | cache
10 | artifacts
11 | 
12 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Intro to Smart Contract Testing
2 | 
3 | 
4 | To test, run `npm run test`
5 | 
6 | 
7 | 


--------------------------------------------------------------------------------
/contracts/ColabBank.sol:
--------------------------------------------------------------------------------
 1 | // SPDX-License-Identifier: UNLICENSED
 2 | pragma solidity ^0.8.9;
 3 | 
 4 | // Uncomment this line to use console.log
 5 | // import "hardhat/console.sol";
 6 | 
 7 | contract ColabBank {
 8 |     // The keyword "public" makes variables
 9 |     // accessible from other contracts
10 |     uint256 public unlockTime;
11 |     mapping(address => uint256) public balances;
12 |     uint256 public totalColabBalance;
13 | 
14 |     address payable public owner;
15 |     // Events allow clients to react to specific
16 |     // contract changes you declare
17 |     event Deposit(uint256 amount, uint256 when, address caller);
18 |     event Withdrawal(uint256 amount, uint256 when);
19 | 
20 |     // Constructor code is only run when the contract
21 |     // is created
22 |     constructor(uint256 _unlockTime) payable {
23 |         require(
24 |             block.timestamp < _unlockTime,
25 |             "Unlock time should be in the future"
26 |         );
27 | 
28 |         unlockTime = _unlockTime;
29 |         owner = payable(msg.sender);
30 |     }
31 | 
32 | 
33 |    // spot the error here
34 |   function deposit(uint256 amount) public {
35 |         // Uncomment this line, and the import of "hardhat/console.sol", to print a log in your terminal
36 |         // console.log("Unlock time is %o and block timestamp is %o", unlockTime, block.timestamp);
37 | 
38 |         require(amount != 0, "cannot deposit 0 amount");
39 | 
40 |         totalColabBalance += amount;
41 | 
42 |         emit Deposit(amount, block.timestamp, msg.sender);
43 | 
44 | 
45 |     }
46 | 
47 |     function withdraw() public {
48 |         // Uncomment this line, and the import of "hardhat/console.sol", to print a log in your terminal
49 |         // console.log("Unlock time is %o and block timestamp is %o", unlockTime, block.timestamp);
50 | 
51 |         require(block.timestamp >= unlockTime, "You can't withdraw yet");
52 |         require(msg.sender == owner, "You aren't the owner");
53 | 
54 |         emit Withdrawal(address(this).balance, block.timestamp);
55 | 
56 |         owner.transfer(address(this).balance);
57 |     }
58 | }
59 | 


--------------------------------------------------------------------------------
/contracts/Lock.sol:
--------------------------------------------------------------------------------
 1 | // SPDX-License-Identifier: UNLICENSED
 2 | pragma solidity ^0.8.9;
 3 | // pragma solidity >=0.4.0 <0.9.0;
 4 | 
 5 | // Uncomment this line to use console.log
 6 | // import "hardhat/console.sol";
 7 | 
 8 | contract Lock {
 9 |     uint public unlockTime;
10 |     address payable public owner;
11 | 
12 |     event Withdrawal(uint amount, uint when);
13 | 
14 |     constructor(uint _unlockTime) payable {
15 |         require(
16 |             block.timestamp < _unlockTime,
17 |             "Unlock time should be in the future"
18 |         );
19 | 
20 |         unlockTime = _unlockTime;
21 |         owner = payable(msg.sender);
22 |     }
23 | 
24 |     function withdraw() public {
25 |         // Uncomment this line, and the import of "hardhat/console.sol", to print a log in your terminal
26 |         // console.log("Unlock time is %o and block timestamp is %o", unlockTime, block.timestamp);
27 | 
28 |         require(block.timestamp >= unlockTime, "You can't withdraw yet");
29 |         require(msg.sender == owner, "You aren't the owner");
30 | 
31 |         emit Withdrawal(address(this).balance, block.timestamp);
32 | 
33 |         owner.transfer(address(this).balance);
34 |     }
35 | }
36 | 


--------------------------------------------------------------------------------
/contracts/v2/ColabBankV2.sol:
--------------------------------------------------------------------------------
 1 | // SPDX-License-Identifier: MIT
 2 | 
 3 | pragma solidity ^0.8.9;
 4 | 
 5 | contract ColabBankV2 {
 6 | 
 7 |     mapping(address => uint256) public balances;
 8 |     address payable public owner;
 9 | 
10 |     event Deposit(uint256 amount, uint256 when, address caller);
11 |     event Withdrawal(uint256 amount, uint256 when);
12 | 
13 |     constructor() payable {
14 |         owner = payable(msg.sender);
15 |     }
16 | 
17 |     // spot the vulnerability
18 |     function deposit() public payable {
19 |         require(msg.value != 0, "cannot deposit 0 ETH");
20 |         uint256 value = msg.value;
21 |         balances[msg.sender] = value;
22 |         emit Deposit(value, block.timestamp, msg.sender);
23 |     }
24 | 
25 |     // spot the vulnerability in this function
26 |     function withdraw() public {
27 |         require(balances[msg.sender] != 0, "you have 0 ETH deposit");
28 |         uint256 amount = balances[msg.sender];
29 |         payable(msg.sender).transfer(address(this).balance);
30 |         emit Withdrawal(amount, block.timestamp);
31 |     }
32 | 
33 |     receive() external payable {}
34 | }
35 | 


--------------------------------------------------------------------------------
/contracts/v2/observations.md:
--------------------------------------------------------------------------------
 1 | # My Observations on the vulnerabilities present in the ColabBank V2.
 2 | 
 3 | _I found out that in the deposit function there are some vulnerabilities which are highlighted below;_
 4 | 
 5 | - ### **Type of Deposit not specified**
 6 | 
 7 |   > I noticed that the type of deposit is not checked and validated to be sure that the person is depositing eth and not just anything, with this anybody can deposit trashy items and withdraw valuable eth, anything goes in this deposit function.
 8 | 
 9 | - ### **Current Balance can be altered because of a bug present**
10 | 
11 |   > I also noticed that the current balance can be altered and tampered with, in line 21 `balances[msg.sender] = value;` this means that the balance is equal to the latest deposit value and its not adding the latest deposit to the previous balance to get the accrued valued, with this I believe the bug will be sorted `balances[msg.sender] += value;` and save the company from a huge lose by someone who has spotted the vulnerability.
12 | 
13 | - ### **The withdraw function is buggy as it allows a person withdraw more than they deposited**
14 |   > I realised that this function allows anyone to withdraw eth regardless of whatever the person deposited and also it allows the person to withdraw the total amount in the contract which is not proper, a person should only withdraw what he/she deposited and not more than the deposited amount made by the person.
15 | 
16 | ## **THANK YOU**
17 | 


--------------------------------------------------------------------------------
/hardhat.config.js:
--------------------------------------------------------------------------------
1 | require("@nomicfoundation/hardhat-toolbox");
2 | 
3 | /** @type import('hardhat/config').HardhatUserConfig */
4 | module.exports = {
5 |   solidity: "0.8.17",
6 | };
7 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "hardhat-project",
 3 |   "devDependencies": {
 4 |     "@ethersproject/providers": "^5.7.2",
 5 |     "@nomicfoundation/hardhat-chai-matchers": "^1.0.5",
 6 |     "@nomicfoundation/hardhat-network-helpers": "^1.0.7",
 7 |     "@nomicfoundation/hardhat-toolbox": "^2.0.0",
 8 |     "@nomiclabs/hardhat-ethers": "^2.2.1",
 9 |     "@nomiclabs/hardhat-etherscan": "^3.1.3",
10 |     "@typechain/ethers-v5": "^10.1.1",
11 |     "@typechain/hardhat": "^6.1.4",
12 |     "@types/chai": "^4.3.4",
13 |     "@types/mocha": "^9.1.1",
14 |     "chai": "^4.3.7",
15 |     "ethers": "^5.7.2",
16 |     "hardhat": "^2.12.2",
17 |     "hardhat-gas-reporter": "^1.0.9",
18 |     "solidity-coverage": "^0.8.2",
19 |     "ts-node": "^10.9.1",
20 |     "typechain": "^8.1.1",
21 |     "typescript": "^4.9.3"
22 |   },
23 |   "scripts": {
24 |     "test": "npx hardhat test"
25 |   }
26 | }
27 | 


--------------------------------------------------------------------------------
/scripts/deploy.js:
--------------------------------------------------------------------------------
 1 | // We require the Hardhat Runtime Environment explicitly here. This is optional
 2 | // but useful for running the script in a standalone fashion through `node <script>`.
 3 | //
 4 | // You can also run a script with `npx hardhat run <script>`. If you do that, Hardhat
 5 | // will compile your contracts, add the Hardhat Runtime Environment's members to the
 6 | // global scope, and execute the script.
 7 | const hre = require("hardhat");
 8 | 
 9 | async function main() {
10 |   const currentTimestampInSeconds = Math.round(Date.now() / 1000);
11 |   const ONE_YEAR_IN_SECS = 365 * 24 * 60 * 60;
12 |   const unlockTime = currentTimestampInSeconds + ONE_YEAR_IN_SECS;
13 | 
14 |   const lockedAmount = hre.ethers.utils.parseEther("1");
15 | 
16 |   const Lock = await hre.ethers.getContractFactory("Lock");
17 |   const lock = await Lock.deploy(unlockTime, { value: lockedAmount });
18 | 
19 |   await lock.deployed();
20 | 
21 |   console.log(
22 |     `Lock with 1 ETH and unlock timestamp ${unlockTime} deployed to ${lock.address}`
23 |   );
24 | }
25 | 
26 | // We recommend this pattern to be able to use async/await everywhere
27 | // and properly handle errors.
28 | main().catch((error) => {
29 |   console.error(error);
30 |   process.exitCode = 1;
31 | });
32 | 


--------------------------------------------------------------------------------
/test/ColabBank.test.js:
--------------------------------------------------------------------------------
  1 | const {
  2 |   time,
  3 |   loadFixture,
  4 | } = require('@nomicfoundation/hardhat-network-helpers')
  5 | const { anyValue } = require('@nomicfoundation/hardhat-chai-matchers/withArgs')
  6 | const { expect } = require('chai')
  7 | const { parseEther } = ethers.utils
  8 | 
  9 | describe('ColabBank Test Suite', async () => {
 10 |   async function deployOneYearLockFixture() {
 11 |     const TIME = 60 * 60
 12 | 
 13 |     const lockedAmount = parseEther('1')
 14 |     const unlockTime = (await time.latest()) + TIME
 15 | 
 16 |     const currentTime = await time.latest()
 17 | 
 18 |     const [owner, addr1, addr2, addr3, addr4] = await ethers.getSigners()
 19 |     const ColabBank = await ethers.getContractFactory('ColabBank')
 20 |     const colabBank = await ColabBank.deploy(unlockTime, {
 21 |       value: lockedAmount,
 22 |     })
 23 | 
 24 |     return {
 25 |       unlockTime,
 26 |       lockedAmount,
 27 |       owner,
 28 |       addr1,
 29 |       addr2,
 30 |       addr3,
 31 |       addr4,
 32 |       colabBank,
 33 |       currentTime,
 34 |     }
 35 |   }
 36 | 
 37 |   describe('ColabBank Deployment', async () => {
 38 |     it('should determine successful deployment', async () => {
 39 |       const { unlockTime, colabBank, owner } = await loadFixture(
 40 |         deployOneYearLockFixture,
 41 |       )
 42 | 
 43 |       const colabBankOwner = await colabBank.owner()
 44 |       console.log('colab bank owner__', colabBankOwner)
 45 |       console.log('owner__', owner.address)
 46 | 
 47 |       const returnedUnlockTime = await colabBank.unlockTime()
 48 |       console.log('returned unlock time_', returnedUnlockTime)
 49 | 
 50 |       expect(colabBankOwner).to.eq(owner.address)
 51 |       expect(returnedUnlockTime).to.eq(unlockTime)
 52 |       expect(returnedUnlockTime).to.be.gte(await time.latest())
 53 |       expect(await colabBank.balances(owner.address)).to.eq(0)
 54 |       expect(await colabBank.totalColabBalance()).to.eq(0)
 55 |     })
 56 |   })
 57 |   describe('Deposit', async () => {
 58 |     it('should successfully deposit an amount', async () => {
 59 |       const { colabBank, addr1 } = await loadFixture(deployOneYearLockFixture)
 60 | 
 61 |       const addr1BalanceBeforeDeposit = await colabBank.balances(addr1.address)
 62 |       expect(addr1BalanceBeforeDeposit).to.eq(0)
 63 |       expect(colabBank.connect(addr1).deposit(0)).to.be.reverted
 64 | 
 65 |       const addr1DepositTxn = await colabBank.connect(addr1).deposit(5)
 66 | 
 67 |       const addr1BalanceAfterDeposit = await colabBank.balances(addr1.address)
 68 |       expect(addr1BalanceAfterDeposit).to.eq(5)
 69 | 
 70 |       const totalColabBalance = await colabBank.totalColabBalance()
 71 |       expect(totalColabBalance).to.eq(5)
 72 | 
 73 |       await expect(addr1DepositTxn)
 74 |         .to.emit(colabBank, 'Deposit')
 75 |         .withArgs(5, anyValue, addr1.address)
 76 |     })
 77 |   })
 78 |   // Adding the withdrawal test (Faith M. Roberts)
 79 |   describe('Withdrawal', async () => {
 80 |     it('should revert owner attempt to withdraw before the unlock time', async () => {
 81 |       const { colabBank, owner } = await loadFixture(deployOneYearLockFixture)
 82 | 
 83 |       expect(colabBank.connect(owner).withdraw()).to.be.revertedWith(
 84 |         "You can't withdraw yet",
 85 |       )
 86 |     })
 87 | 
 88 |     it('should revert non owner attempt to withdraw', async () => {
 89 |       const { colabBank, addr1, unlockTime } = await loadFixture(
 90 |         deployOneYearLockFixture,
 91 |       )
 92 | 
 93 |       await time.increaseTo(unlockTime)
 94 | 
 95 |       await expect(colabBank.connect(addr1).withdraw()).to.be.revertedWith(
 96 |         "You aren't the owner",
 97 |       )
 98 |     })
 99 | 
100 |     it('should allow owner to successfully withdraw', async () => {
101 |       const { colabBank, unlockTime, owner, lockedAmount } = await loadFixture(
102 |         deployOneYearLockFixture,
103 |       )
104 | 
105 |       const prevColabBalance = await ethers.provider.getBalance(
106 |         colabBank.address,
107 |       )
108 |       expect(prevColabBalance).to.eq(lockedAmount)
109 | 
110 |       const prevOwnerBalance = await ethers.provider.getBalance(owner.address)
111 |       expect(prevOwnerBalance).to.be.gte(parseEther('9900'))
112 | 
113 |       await time.increaseTo(unlockTime)
114 | 
115 |       // withdraw all ETH in colabBank conttract
116 |       const ownerWithdrawalTxn = await colabBank.connect(owner).withdraw()
117 |       await ownerWithdrawalTxn.wait()
118 | 
119 |       // check owner ETH balance
120 |       const currentOwnerBalance = await ethers.provider.getBalance(
121 |         owner.address,
122 |       )
123 |       expect(currentOwnerBalance).to.be.gt(prevOwnerBalance)
124 | 
125 |       const currentColabBalance = await ethers.provider.getBalance(
126 |         colabBank.address,
127 |       )
128 | 
129 |       expect(currentColabBalance).to.eq(0)
130 |     })
131 |   })
132 | 
133 |   describe('Events', function () {
134 |     it('Should emit an event on withdrawals', async function () {
135 |       const { colabBank, unlockTime, lockedAmount } = await loadFixture(
136 |         deployOneYearLockFixture,
137 |       )
138 | 
139 |       await time.increaseTo(unlockTime)
140 | 
141 |       await expect(colabBank.withdraw())
142 |         .to.emit(colabBank, 'Withdrawal')
143 |         .withArgs(lockedAmount, anyValue) // We accept any value as `when` arg
144 |     })
145 |   })
146 | })
147 | 


--------------------------------------------------------------------------------
/test/ColabBankV2.test.js:
--------------------------------------------------------------------------------
 1 | const {
 2 |     time,
 3 |     loadFixture,
 4 | } = require("@nomicfoundation/hardhat-network-helpers");
 5 | const { anyValue } = require("@nomicfoundation/hardhat-chai-matchers/withArgs");
 6 | const { expect } = require("chai");
 7 | const { ethers } = require("hardhat");
 8 | 
 9 | 
10 | describe("ColabBank Test Suite", async () => {
11 | 
12 | 
13 |     async function deployOneYearLockFixture() {
14 |         const [owner, addr1, addr2, addr3, addr4] = await ethers.getSigners();
15 |         const ColabBankV2 = await ethers.getContractFactory("ColabBankV2");
16 |         const colabBankV2 = await ColabBankV2.deploy();
17 | 
18 | 
19 |         return { owner, addr1, addr2, addr3, addr4, colabBankV2 };
20 |     }
21 | 
22 | 
23 |     describe("Deposit", async () => {
24 |         it.only("should successfully deposit", async () => {
25 |             const { colabBankV2, addr1 } = await loadFixture(deployOneYearLockFixture);
26 | 
27 |         })
28 |     })
29 | 
30 |     describe("Withdrawal", async () => {
31 |         // write PoC for the vulnerability
32 |         it("", async () => {
33 |             
34 |         })
35 |     })
36 | 
37 | })


--------------------------------------------------------------------------------
/test/Lock.js:
--------------------------------------------------------------------------------
  1 | const {
  2 |   time,
  3 |   loadFixture,
  4 | } = require("@nomicfoundation/hardhat-network-helpers");
  5 | const { anyValue } = require("@nomicfoundation/hardhat-chai-matchers/withArgs");
  6 | const { expect } = require("chai");
  7 | 
  8 | describe("Lock", function () {
  9 |   // We define a fixture to reuse the same setup in every test.
 10 |   // We use loadFixture to run this setup once, snapshot that state,
 11 |   // and reset Hardhat Network to that snapshot in every test.
 12 |   async function deployOneYearLockFixture() {
 13 |     const ONE_YEAR_IN_SECS = 365 * 24 * 60 * 60;
 14 |     const ONE_GWEI = 1_000_000_000;
 15 | 
 16 |     const lockedAmount = ONE_GWEI;
 17 |     const unlockTime = (await time.latest()) + ONE_YEAR_IN_SECS;
 18 | 
 19 |     // Contracts are deployed using the first signer/account by default
 20 |     const [owner, otherAccount] = await ethers.getSigners();
 21 | 
 22 |     const Lock = await ethers.getContractFactory("Lock");
 23 |     const lock = await Lock.deploy(unlockTime, { value: lockedAmount });
 24 | 
 25 |     return { lock, unlockTime, lockedAmount, owner, otherAccount };
 26 |   }
 27 | 
 28 |   describe("Deployment", function () {
 29 |     it("Should set the right unlockTime", async function () {
 30 |       const { lock, unlockTime } = await loadFixture(deployOneYearLockFixture);
 31 | 
 32 |       expect(await lock.unlockTime()).to.equal(unlockTime);
 33 |     });
 34 | 
 35 |     it("Should set the right owner", async function () {
 36 |       const { lock, owner } = await loadFixture(deployOneYearLockFixture);
 37 | 
 38 |       expect(await lock.owner()).to.equal(owner.address);
 39 |     });
 40 | 
 41 |     it("Should receive and store the funds to lock", async function () {
 42 |       const { lock, lockedAmount } = await loadFixture(
 43 |         deployOneYearLockFixture
 44 |       );
 45 | 
 46 |       expect(await ethers.provider.getBalance(lock.address)).to.equal(
 47 |         lockedAmount
 48 |       );
 49 |     });
 50 | 
 51 |     it("Should fail if the unlockTime is not in the future", async function () {
 52 |       // We don't use the fixture here because we want a different deployment
 53 |       const latestTime = await time.latest();
 54 |       const Lock = await ethers.getContractFactory("Lock");
 55 |       await expect(Lock.deploy(latestTime, { value: 1 })).to.be.revertedWith(
 56 |         "Unlock time should be in the future"
 57 |       );
 58 |     });
 59 |   });
 60 | 
 61 |   describe("Withdrawals", function () {
 62 |     describe("Validations", function () {
 63 |       it("Should revert with the right error if called too soon", async function () {
 64 |         const { lock } = await loadFixture(deployOneYearLockFixture);
 65 | 
 66 |         await expect(lock.withdraw()).to.be.revertedWith(
 67 |           "You can't withdraw yet"
 68 |         );
 69 |       });
 70 | 
 71 |       it("Should revert with the right error if called from another account", async function () {
 72 |         const { lock, unlockTime, otherAccount } = await loadFixture(
 73 |           deployOneYearLockFixture
 74 |         );
 75 | 
 76 |         // We can increase the time in Hardhat Network
 77 |         await time.increaseTo(unlockTime);
 78 | 
 79 |         // We use lock.connect() to send a transaction from another account
 80 |         await expect(lock.connect(otherAccount).withdraw()).to.be.revertedWith(
 81 |           "You aren't the owner"
 82 |         );
 83 |       });
 84 | 
 85 |       it("Shouldn't fail if the unlockTime has arrived and the owner calls it", async function () {
 86 |         const { lock, unlockTime } = await loadFixture(
 87 |           deployOneYearLockFixture
 88 |         );
 89 | 
 90 |         // Transactions are sent using the first signer by default
 91 |         await time.increaseTo(unlockTime);
 92 | 
 93 |         await expect(lock.withdraw()).not.to.be.reverted;
 94 |       });
 95 |     });
 96 | 
 97 |     describe("Events", function () {
 98 |       it("Should emit an event on withdrawals", async function () {
 99 |         const { lock, unlockTime, lockedAmount } = await loadFixture(
100 |           deployOneYearLockFixture
101 |         );
102 | 
103 |         await time.increaseTo(unlockTime);
104 | 
105 |         await expect(lock.withdraw())
106 |           .to.emit(lock, "Withdrawal")
107 |           .withArgs(lockedAmount, anyValue); // We accept any value as `when` arg
108 |       });
109 |     });
110 | 
111 |     describe("Transfers", function () {
112 |       it("Should transfer the funds to the owner", async function () {
113 |         const { lock, unlockTime, lockedAmount, owner } = await loadFixture(
114 |           deployOneYearLockFixture
115 |         );
116 | 
117 |         await time.increaseTo(unlockTime);
118 | 
119 |         await expect(lock.withdraw()).to.changeEtherBalances(
120 |           [owner, lock],
121 |           [lockedAmount, -lockedAmount]
122 |         );
123 |       });
124 |     });
125 |   });
126 | });
127 | 


--------------------------------------------------------------------------------