From 94ec0b7df506e788d5691bdf4c7fca60bb128152 Mon Sep 17 00:00:00 2001 From: ViacheslavKhovrov <100019296+ViacheslavKhovrov@users.noreply.github.com> Date: Thu, 20 Jul 2023 09:42:41 +0900 Subject: [PATCH 1/2] fix: total supply overflow --- src/tokens/ERC20.huff | 32 ++++++++++++++++++++------------ test/tokens/ERC20.t.sol | 10 ++++++++++ 2 files changed, 30 insertions(+), 12 deletions(-) diff --git a/src/tokens/ERC20.huff b/src/tokens/ERC20.huff index 0836ea8..83a7027 100644 --- a/src/tokens/ERC20.huff +++ b/src/tokens/ERC20.huff @@ -552,22 +552,30 @@ /// @notice Mints tokens to a specified address #define macro _MINT() = takes (2) returns (0) { // Input stack: [value, to] - dup2 // [to, value, to] - swap1 // [value, to, to] - _TRANSFER_GIVE_TO() // [value, to, to] + dup2 // [to, value, to] + swap1 // [value, to, to] + _TRANSFER_GIVE_TO() // [value, to, to] // Update totalSupply - dup1 // [value, value, to, to] - [TOTAL_SUPPLY_SLOT] sload // [supply, value, value, to, to] - add // [supply + value, value, to, to] - [TOTAL_SUPPLY_SLOT] sstore // [value, to, to] + dup1 // [value, value, to, to] + [TOTAL_SUPPLY_SLOT] sload // [supply, value, value, to, to] + dup2 // [value, supply, value, value, to, to] + add // [supply + value, value, value, to, to] + dup1 // [supply + value, supply + value, value, value, to, to] + swap2 // [value, supply + value, supply + value, value, to, to] + gt // [is_overflow, supply + value, value, to, to] + iszero // [is_not_overflow, supply + value, value, to, to] + is_not_overflow jumpi // [supply + value, value, to, to] + [ARITHMETIC_OVERFLOW] PANIC() + is_not_overflow: + [TOTAL_SUPPLY_SLOT] sstore // [value, to, to] // Emit the transfer event. - 0x00 mstore // [to, to] - [ZERO_ADDRESS] // [address(0), to, to] - __EVENT_HASH(Transfer) // [sig, from, to, to] - 0x20 0x00 // [0, 32, sig, from, to, to] - log3 pop // [] + 0x00 mstore // [to, to] + [ZERO_ADDRESS] // [address(0), to, to] + __EVENT_HASH(Transfer) // [sig, from, to, to] + 0x20 0x00 // [0, 32, sig, from, to, to] + log3 pop // [] } diff --git a/test/tokens/ERC20.t.sol b/test/tokens/ERC20.t.sol index eae507d..4a6c7b4 100644 --- a/test/tokens/ERC20.t.sol +++ b/test/tokens/ERC20.t.sol @@ -322,6 +322,16 @@ contract ERC20Test is Test { } } + function testFailMintTotalSupplyOverflow( + address to, + uint256 mintAmount + ) public { + mintAmount = bound(mintAmount, 1, type(uint256).max); + + token.mint(to, type(uint256).max); + token.mint(to, mintAmount); + } + function testFailBurnInsufficientBalance( address to, uint256 mintAmount, From be39640e51ba9f7e8aa631c503513f6e3815d6e7 Mon Sep 17 00:00:00 2001 From: ViacheslavKhovrov <100019296+ViacheslavKhovrov@users.noreply.github.com> Date: Wed, 26 Jul 2023 23:14:40 +0900 Subject: [PATCH 2/2] cleanup: remove duplicate old approve --- src/tokens/ERC20.huff | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/src/tokens/ERC20.huff b/src/tokens/ERC20.huff index 83a7027..2871fb3 100644 --- a/src/tokens/ERC20.huff +++ b/src/tokens/ERC20.huff @@ -244,24 +244,6 @@ [BALANCE_SLOT] STORE_ELEMENT_FROM_KEYS(0x00) // [value, from, to] } -/// @notice Approve -/// @notice Approves an address to spend an amount of tokens on the caller's behalf -#define macro APPROVE() = takes (0) returns (0) { - 0x24 calldataload // [value] - dup1 0x00 mstore // [value] - 0x04 calldataload // [to, value] - caller // [from, to, value] - - // Emit the approval event. - dup2 dup2 // [from, to, from, to, value] - __EVENT_HASH(APPROVAL_EVENT_SIGNATURE) // [sig, from, to, from, to, value] - 0x20 0x00 // [0, 32, sig, from, to, from, to, value] - log3 // [from, to, value] - - // Store the value at slot = keccak256(from . to) - STORE_ELEMENT_FROM_KEYS(0x00) -} - /// @notice Domain Separator /// @notice Returns the EIP-712 domain separator #define macro DOMAIN_SEPARATOR() = takes (0) returns (0) {