-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathconfig.yml
143 lines (129 loc) · 4.02 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
contracts:
- name: "MultiStageAuction"
constructorParamSpecs: []
models:
- name: "MultiStageAuction"
id: "1701049"
functions: []
tests: # if there are tests specified for this model, it will run them alongside the monitor automatically. Otherwise, only thing that will run is the monitor
- "MultiStageAuctionExploit"
- name: "Escrow"
constructorParamSpecs:
- name: "_sender"
type: "address"
sourceType: "dynamic"
source:
type: "EOA"
- name: "_receiver"
type: "address"
sourceType: "dynamic"
source:
type: "EOA"
- name: "_delayUntilRelease"
type: "uint"
sourceType: "static"
value: 0
models:
- name: "Escrow"
id: "1624258"
functions: []
tests:
- "EscrowExploit"
- name: "PrizeDistribution"
constructorParamSpecs:
- name: "_beneficiary"
type: "address"
sourceType: "dynamic" # Indicates the value should be fetched dynamically
source:
type: "EOA" # EOA or contract
# details for a contract source:
# details:
# contractAddress: "0x0"
# functionCall: "getSubscriberAddress"
# returnType: "address"
# details for an EOA:
# For an EOA, you can just get the address from the list of accounts in the environment; no need to specify it here;
# - name: "threshold"
# type: "uint256"
# source: "static"
# value: "1000" # Static value provided directly in the config
models:
- name: "PrizeDistribution"
id: "1822535" # The id of the model in DCRGraphs.net website
# - name: "Model2"
# id: "1701159"
# functions:
# setGreet:
# EVMType: "string"
# DCRType: "integer"
# DCRNodeID: "setGreet"
tests: # if there are tests specified for this model, it will run them alongside the monitor automatically. Otherwise, only thing that will run is the monitor
- "PrizeDistributionExploit"
- name: "ProductOrder"
constructorParamSpecs:
- name: "_price"
type: "uint256"
sourceType: "static"
value: 1
models:
- name: "ProductOrder"
id: "1822680"
functions: []
hasResponseRelation: true
tests:
- "ProductOrderExploit"
- name: "Governance"
constructorParamSpecs: []
models:
- name: "Governance"
id: "1822751"
functions: []
#hasResponseRelation: true
tests:
- "GovernanceExploit"
tests:
- name: "HelloWorldExploit"
description: "Exploits for time lock-based property of HelloWorld contract"
directory: "/exploits/regular"
files:
- "HelloWorldExploit.js"
environment: "anvil"
- name: "PrizeDistributionExploit"
description: "Exploits for time-based vulnerability of PrizeDistribution contract which is enabled by a poor logic in the contract implementation."
directory: "/exploits/regular"
files:
- "PrizeDistributionExploit.js"
environment: "anvil"
- name: "MultiStageAuctionExploit"
description: "Exploits for a temporal property of ..."
directory: "/exploits/regular"
files:
- "MultiStageAuctionExploit.js"
environment: "anvil"
- name: "ProductOrderExploit"
description: "No description yet..."
directory: "/exploits/regular"
files:
- "ProductOrderExploit.js"
environment: "anvil"
- name: "ProductOrderExploit2"
description: "No description yet..."
directory: "/exploits/regular"
files:
- "ProductOrderExploit2.js"
environment: "anvil"
- name: "EscrowExploit"
description: "No description yet..."
directory: "/exploits/regular"
files:
- "EscrowExploit.js"
environment: "anvil"
- name: "GovernanceExploit"
description: "No description yet..."
directory: "/exploits/regular"
files:
- "GovernanceExploit.js"
environment: "anvil"
environments:
- name: "anvil"
version: "0.2.0"