rektbasic
diff --git a/‎src/OakSecurityCosmWasmCTF/01-Mjolnir/src/exploit.rs‎
Lines changed: 4 additions & 71 deletions b/‎src/OakSecurityCosmWasmCTF/01-Mjolnir/src/exploit.rs‎
Lines changed: 4 additions & 71 deletions
diff --git a/‎src/OakSecurityCosmWasmCTF/02-Gungnir/src/exploit.rs‎
Lines changed: 8 additions & 53 deletions b/‎src/OakSecurityCosmWasmCTF/02-Gungnir/src/exploit.rs‎
Lines changed: 8 additions & 53 deletions
diff --git a/‎src/OakSecurityCosmWasmCTF/02-Gungnir/src/integration_tests.rs‎
Lines changed: 25 additions & 14 deletions b/‎src/OakSecurityCosmWasmCTF/02-Gungnir/src/integration_tests.rs‎
Lines changed: 25 additions & 14 deletions
@@ -4,78 +4,11 @@
 pub mod exploit {
     use crate::{
         contract::{DENOM, LOCK_PERIOD, MINIMUM_DEPOSIT_AMOUNT},
-        msg::{ExecuteMsg, InstantiateMsg},
+        integration_tests::tests::{proper_instantiate, USER},
+        msg::ExecuteMsg,
     };
-    use cosmwasm_std::{coin, Addr, Empty, Uint128};
-    use cw_multi_test::{App, Contract, ContractWrapper, Executor};
-
-    pub fn challenge_contract() -> Box<dyn Contract<Empty>> {
-        let contract = ContractWrapper::new(
-            crate::contract::execute,
-            crate::contract::instantiate,
-            crate::contract::query,
-        );
-        Box::new(contract)
-    }
-
-    pub const USER: &str = "user";
-    pub const ADMIN: &str = "admin";
-
-    pub fn proper_instantiate() -> (App, Addr) {
-        let mut app = App::default();
-        let cw_template_id = app.store_code(challenge_contract());
-
-        // init contract
-        let msg = InstantiateMsg {};
-        let contract_addr = app
-            .instantiate_contract(
-                cw_template_id,
-                Addr::unchecked(ADMIN),
-                &msg,
-                &[],
-                "test",
-                None,
-            )
-            .unwrap();
-
-        // mint funds to contract
-        app = mint_tokens(
-            app,
-            contract_addr.to_string(),
-            MINIMUM_DEPOSIT_AMOUNT * Uint128::new(10),
-        );
-
-        // mint funds to user
-        app = mint_tokens(app, USER.to_string(), MINIMUM_DEPOSIT_AMOUNT);
-
-        // deposit
-        let msg = ExecuteMsg::Deposit {};
-        let sender = Addr::unchecked(USER);
-        app.execute_contract(
-            sender.clone(),
-            contract_addr.clone(),
-            &msg,
-            &[coin(MINIMUM_DEPOSIT_AMOUNT.u128(), DENOM)],
-        )
-        .unwrap();
-
-        // verify no funds
-        let balance = app.wrap().query_balance(USER, DENOM).unwrap().amount;
-        assert_eq!(balance, Uint128::zero());
-
-        (app, contract_addr)
-    }
-
-    pub fn mint_tokens(mut app: App, recipient: String, amount: Uint128) -> App {
-        app.sudo(cw_multi_test::SudoMsg::Bank(
-            cw_multi_test::BankSudo::Mint {
-                to_address: recipient.to_owned(),
-                amount: vec![coin(amount.u128(), DENOM)],
-            },
-        ))
-        .unwrap();
-        app
-    }
+    use cosmwasm_std::{Addr, Uint128};
+    use cw_multi_test::Executor;
 
     #[test]
     fn exploit() {
 
@@ -4,60 +4,15 @@
 pub mod exploit {
     use crate::{
         contract::{DENOM, LOCK_PERIOD},
-        msg::{ExecuteMsg, InstantiateMsg, QueryMsg},
+        integration_tests::tests::{base_scenario, INITIAL_USER_AMOUNT, USER},
+        msg::{ExecuteMsg, QueryMsg},
     };
-    use cosmwasm_std::{coin, Addr, Empty, Uint128};
-    use cw_multi_test::{App, Contract, ContractWrapper, Executor};
-
-    pub fn challenge_contract() -> Box<dyn Contract<Empty>> {
-        let contract = ContractWrapper::new(
-            crate::contract::execute,
-            crate::contract::instantiate,
-            crate::contract::query,
-        );
-        Box::new(contract)
-    }
-
-    pub const USER: &str = "user";
-    pub const ADMIN: &str = "admin";
-    const INITIAL_AMOUNT: Uint128 = Uint128::new(1_000);
-
-    pub fn proper_instantiate() -> (App, Addr) {
-        let mut app = App::default();
-        let cw_template_id = app.store_code(challenge_contract());
-
-        // init contract
-        let msg = InstantiateMsg {};
-        let contract_addr = app
-            .instantiate_contract(
-                cw_template_id,
-                Addr::unchecked(ADMIN),
-                &msg,
-                &[],
-                "test",
-                None,
-            )
-            .unwrap();
-
-        app = mint_tokens(app, USER.to_string(), INITIAL_AMOUNT);
-
-        (app, contract_addr)
-    }
-
-    pub fn mint_tokens(mut app: App, recipient: String, amount: Uint128) -> App {
-        app.sudo(cw_multi_test::SudoMsg::Bank(
-            cw_multi_test::BankSudo::Mint {
-                to_address: recipient,
-                amount: vec![coin(amount.u128(), DENOM)],
-            },
-        ))
-        .unwrap();
-        app
-    }
+    use cosmwasm_std::{coin, Addr};
+    use cw_multi_test::Executor;
 
     #[test]
     fn exploit() {
-        let (mut app, contract_addr) = proper_instantiate();
+        let (mut app, contract_addr) = base_scenario();
 
         let player = Addr::unchecked(USER);
 
@@ -67,12 +22,12 @@ pub mod exploit {
             player.clone(),
             contract_addr.clone(),
             &msg,
-            &[coin(INITIAL_AMOUNT.u128(), DENOM)],
+            &[coin(INITIAL_USER_AMOUNT.u128(), DENOM)],
         )
         .unwrap();
 
         let msg = ExecuteMsg::Stake {
-            lock_amount: INITIAL_AMOUNT.u128(),
+            lock_amount: INITIAL_USER_AMOUNT.u128(),
         };
         app.execute_contract(player.clone(), contract_addr.clone(), &msg, &[])
             .unwrap();
@@ -84,7 +39,7 @@ pub mod exploit {
 
         // normal stake
         let msg = ExecuteMsg::Unstake {
-            unlock_amount: INITIAL_AMOUNT.u128() + 1,
+            unlock_amount: INITIAL_USER_AMOUNT.u128() + 1,
         };
         app.execute_contract(player.clone(), contract_addr.clone(), &msg, &[])
             .unwrap();
 
@@ -51,13 +51,20 @@ pub mod tests {
         app
     }
 
-    #[test]
-    fn basic_flow() {
+    pub const INITIAL_USER_AMOUNT: Uint128 = Uint128::new(1_000);
+
+    pub fn base_scenario() -> (App, Addr) {
         let (mut app, contract_addr) = proper_instantiate();
 
-        let amount = Uint128::new(1_000);
+        app = mint_tokens(app, USER.to_string(), INITIAL_USER_AMOUNT);
+
+        (app, contract_addr)
+    }
+
+    #[test]
+    fn basic_flow() {
+        let (mut app, contract_addr) = base_scenario();
 
-        app = mint_tokens(app, USER.to_string(), amount);
         let sender = Addr::unchecked(USER);
 
         // deposit funds
@@ -66,7 +73,7 @@ pub mod tests {
             sender.clone(),
             contract_addr.clone(),
             &msg,
-            &[coin(amount.u128(), DENOM)],
+            &[coin(INITIAL_USER_AMOUNT.u128(), DENOM)],
         )
         .unwrap();
 
@@ -82,18 +89,18 @@ pub mod tests {
             .wrap()
             .query_wasm_smart(contract_addr.clone(), &msg)
             .unwrap();
-        assert_eq!(user.total_tokens, amount);
+        assert_eq!(user.total_tokens, INITIAL_USER_AMOUNT);
 
         // cannot stake more than deposited
         let msg = ExecuteMsg::Stake {
-            lock_amount: amount.u128() + 1,
+            lock_amount: INITIAL_USER_AMOUNT.u128() + 1,
         };
         app.execute_contract(sender.clone(), contract_addr.clone(), &msg, &[])
             .unwrap_err();
 
         // normal stake
         let msg = ExecuteMsg::Stake {
-            lock_amount: amount.u128(),
+            lock_amount: INITIAL_USER_AMOUNT.u128(),
         };
         app.execute_contract(sender.clone(), contract_addr.clone(), &msg, &[])
             .unwrap();
@@ -106,17 +113,19 @@ pub mod tests {
             .wrap()
             .query_wasm_smart(contract_addr.clone(), &msg)
             .unwrap();
-        assert_eq!(voting_power, amount.u128());
+        assert_eq!(voting_power, INITIAL_USER_AMOUNT.u128());
 
         // cannot unstake before maturity
         let msg = ExecuteMsg::Unstake {
-            unlock_amount: amount.u128(),
+            unlock_amount: INITIAL_USER_AMOUNT.u128(),
         };
         app.execute_contract(sender.clone(), contract_addr.clone(), &msg, &[])
             .unwrap_err();
 
         // cannot withdraw while staked
-        let msg = ExecuteMsg::Withdraw { amount };
+        let msg = ExecuteMsg::Withdraw {
+            amount: INITIAL_USER_AMOUNT,
+        };
         app.execute_contract(sender.clone(), contract_addr.clone(), &msg, &[])
             .unwrap_err();
 
@@ -127,7 +136,7 @@ pub mod tests {
 
         // normal unstake
         let msg = ExecuteMsg::Unstake {
-            unlock_amount: amount.u128(),
+            unlock_amount: INITIAL_USER_AMOUNT.u128(),
         };
         app.execute_contract(sender.clone(), contract_addr.clone(), &msg, &[])
             .unwrap();
@@ -143,12 +152,14 @@ pub mod tests {
         assert_eq!(voting_power, 0_u128);
 
         // normal withdraw
-        let msg = ExecuteMsg::Withdraw { amount };
+        let msg = ExecuteMsg::Withdraw {
+            amount: INITIAL_USER_AMOUNT,
+        };
         app.execute_contract(sender, contract_addr, &msg, &[])
             .unwrap();
 
         // funds are received
         let balance = app.wrap().query_balance(USER, DENOM).unwrap().amount;
-        assert_eq!(balance, amount);
+        assert_eq!(balance, INITIAL_USER_AMOUNT);
     }
 }