Comments (5)
One solution is to change the links to point to the github page.
Ex:
- https://secure-contracts.com/program-analysis/echidna/example/TestDepositWithPermit.sol
- versus https://github.com/crytic/building-secure-contracts/blob/master/program-analysis/echidna/example/TestDepositWithPermit.sol
from building-secure-contracts.
How about just using a summary tag and embedding the solution into the markdown.
View solution
// SPDX-License-Identifier: AGPL-3.0
pragma solidity ^0.8.0;
import "./MockERC20Permit.sol";
interface iHevm {
//signs digest with private key sk
function sign(uint256 sk, bytes32 digest) external returns (uint8 v, bytes32 r, bytes32 s);
}
contract TestDepositWithPermit {
MockERC20Permit asset;
iHevm hevm;
event AssertionFailed(string reason);
event LogBalance(uint256 balanceOwner, uint256 balanceCaller);
address constant OWNER = 0x2B5AD5c4795c026514f8317c7a215E218DcCD6cF; //address corresponding to private key 0x2
constructor() {
hevm = iHevm(0x7109709ECfa91a80626fF3989D68f67F5b1DD12D);
asset = new MockERC20Permit("Permit Token", "PMT", 18);
}
//helper method to get signature, signs with private key 2
function getSignature(
address owner,
address spender,
uint256 assetAmount
) internal returns (uint8 v, bytes32 r, bytes32 s) {
bytes32 digest = keccak256(
abi.encodePacked(
"\x19\x01",
asset.DOMAIN_SEPARATOR(),
keccak256(
abi.encode(
keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"),
owner,
spender,
assetAmount,
asset.nonces(owner),
block.timestamp
)
)
)
);
(v, r, s) = hevm.sign(2, digest); //this gives us OWNER's signature
}
function testERC20PermitDeposit(uint256 amount) public {
amount = 1 + (amount % 1000000e18); // we'll only consider transfers of up to 1M tokens
asset.mint(OWNER, amount);
uint256 previousOwnerBalance = asset.balanceOf(OWNER);
uint256 previousCallerBalance = asset.balanceOf(address(this));
emit LogBalance(previousOwnerBalance, previousCallerBalance);
(uint8 v, bytes32 r, bytes32 s) = getSignature(OWNER, address(this), amount);
try asset.permit(OWNER, address(this), amount, block.timestamp, v, r, s) {} catch {
emit AssertionFailed("signature is invalid");
}
try asset.transferFrom(OWNER, address(this), amount) {} catch {
emit AssertionFailed("transferFrom reverted");
}
uint256 currentOwnerBalance = asset.balanceOf(OWNER);
uint256 currentCallerBalance = asset.balanceOf(address(this));
emit LogBalance(currentOwnerBalance, currentCallerBalance);
if (currentCallerBalance != previousCallerBalance + amount && currentOwnerBalance != 0) {
emit AssertionFailed("incorrect amount transferred");
}
}
}
from building-secure-contracts.
We want to keep the solidity code as separate solidity files, for a couple of reasons:
- It's easier for people to use them
- It's easier when we do a workshop
- We can run them through a CI
from building-secure-contracts.
Yes, I would suggest keeping them as separate files, but also including the solutions into the markdown as dropdowns (the user then doesn't have to look around in multiple pages). The problem here though is keeping the embedded code up-to-date. Perhaps we can take a look at:
This could be useful in a few other places as well
from building-secure-contracts.
Done with #264
from building-secure-contracts.
Related Issues (20)
- Error: Deploying the contract failed HOT 4
- Document slither code comment
- Explain the popsicle example HOT 1
- Document zkEVM divergences in learn evm
- Lack of compiler versions for excercises HOT 4
- Update links for Cairo Regenesis
- Fix TestDepositWithPermit test HOT 1
- Adapt Echidna training
- Update multi-abi to allContracts HOT 3
- Fixing substrate links
- Fix cosmos link HOT 2
- Echidna installation link is broken HOT 2
- Echidna Exercise 3 HOT 2
- markdown-link-check: improve CI
- Move blockchain-security-contacts here HOT 2
- Add changelog page HOT 1
- double hevm prank does not work HOT 1
- Cosmos Total Supply Manipulation via IBC Burning HOT 1
- Add the rekt test HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from building-secure-contracts.