-
Notifications
You must be signed in to change notification settings - Fork 7
Small Fixes #3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Small Fixes #3
Changes from all commits
14622b5
e830798
82d958d
3a22711
57d1636
e248447
90c767b
3421e25
e8831a9
38310ce
cdabb7f
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| # FuzzThis | ||
| To win this challenge, you need `FuzzThis::dontHackMePlease()` to return `win`. | ||
|
|
||
| In very other challenge you want the test case to pass to win, but for this challenge you want the test case to fail. | ||
| In every other challenge you want the test case to pass to win, but for this challenge you want the test case to fail. | ||
|
|
||
| This challenge is meant to help you use basic fuzz testing in foundry. If you are unfamiliar with Fuzz testing in Foundry, check out their [docs](https://book.getfoundry.sh/forge/fuzz-testing). This should be the easiest challenge of the series so with that, good luck, and don't forget to read the writeup after! |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -114,6 +114,7 @@ contract Rewarder is IStaking{ | |
| function claim(address _for) external guard { | ||
| bool isStaking = staking.isStaking(_for); | ||
| StakeData memory userStake = staking.getStakerData(msg.sender); | ||
| require(isStaking, "gotta stake to make money"); | ||
|
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't think you need the reentrancy to perform this exploit. My solution just called the functions one after another. I think its because in the second claim function the |
||
| require(msg.sender == address(staking), "not your rewards"); | ||
| require(block.number >= userStake.stakeStart + userStake.stakeDuration, "you know about vm.roll(), right?"); | ||
| require(!hasClaimed[msg.sender], "no double dipping"); | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unused variable