@juicedollar/jusd 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (27) hide show
  1. package/README.md +1 -2
  2. package/contracts/MintingHubV2/MintingHub.sol +49 -19
  3. package/contracts/MintingHubV2/Position.sol +190 -24
  4. package/contracts/MintingHubV2/PositionFactory.sol +2 -2
  5. package/contracts/MintingHubV2/PositionRoller.sol +2 -1
  6. package/contracts/MintingHubV2/interface/IMintingHub.sol +1 -1
  7. package/contracts/MintingHubV2/interface/IPosition.sol +12 -2
  8. package/contracts/StartUSD.sol +2 -2
  9. package/contracts/gateway/MintingHubGateway.sol +13 -18
  10. package/contracts/gateway/interface/IMintingHubGateway.sol +2 -2
  11. package/contracts/interface/IWrappedNative.sol +10 -0
  12. package/contracts/test/PositionExpirationTest.sol +3 -3
  13. package/contracts/test/ReentrantAttacker.sol +74 -0
  14. package/contracts/test/RejectNative.sol +17 -0
  15. package/dist/index.d.mts +240 -511
  16. package/dist/index.d.ts +240 -511
  17. package/dist/index.js +246 -598
  18. package/dist/index.mjs +246 -597
  19. package/exports/abis/MintingHubV2/PositionV2.ts +125 -8
  20. package/exports/abis/core/MintingHubGateway.ts +40 -75
  21. package/exports/abis/utils/MintingHubV2.ts +35 -36
  22. package/exports/address.config.ts +10 -13
  23. package/exports/index.ts +0 -1
  24. package/package.json +2 -1
  25. package/contracts/gateway/CoinLendingGateway.sol +0 -223
  26. package/contracts/gateway/interface/ICoinLendingGateway.sol +0 -73
  27. package/exports/abis/core/CoinLendingGateway.ts +0 -427
package/contracts/test/PositionExpirationTest.sol CHANGED
@@ -54,7 +54,7 @@ contract PositionExpirationTest {
54
54
  200000
55
55
  );
56
56
  }
57
- Position(pos).transferOwnership(owner);
57
+ Position(payable(pos)).transferOwnership(owner);
58
58
  return pos;
59
59
  }
60
60
 
@@ -63,10 +63,10 @@ contract PositionExpirationTest {
63
63
  }
64
64
 
65
65
  function forceBuy(address pos, uint256 amount) public {
66
- uint256 price = hub.expiredPurchasePrice(Position(pos));
66
+ uint256 price = hub.expiredPurchasePrice(Position(payable(pos)));
67
67
  uint256 balanceBefore = jusd.balanceOf(address(this));
68
68
  uint256 colBalBefore = col.balanceOf(address(this));
69
- amount = hub.buyExpiredCollateral(Position(pos), amount);
69
+ amount = hub.buyExpiredCollateral(Position(payable(pos)), amount);
70
70
  uint256 balanceAfter = jusd.balanceOf(address(this));
71
71
  uint256 colBalAfter = col.balanceOf(address(this));
72
72
  require(colBalAfter - colBalBefore == amount, "collateral amount");
package/contracts/test/ReentrantAttacker.sol ADDED
@@ -0,0 +1,74 @@
1
+ // SPDX-License-Identifier: MIT
2
+ pragma solidity ^0.8.0;
3
+
4
+ import {IPosition} from "../MintingHubV2/interface/IPosition.sol";
5
+ import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
6
+
7
+ /**
8
+ * @title ReentrantAttacker
9
+ * @notice Test contract that attempts reentrancy attack on Position.withdrawCollateralAsNative()
10
+ * @dev Used to verify Position is safe against reentrancy
11
+ */
12
+ contract ReentrantAttacker is Ownable {
13
+ IPosition public targetPosition;
14
+ uint256 public attackCount;
15
+ uint256 public withdrawAmount;
16
+ bool public attackSucceeded;
17
+ string public lastRevertReason;
18
+
19
+ event AttackAttempted(uint256 count, bool success, string reason);
20
+
21
+ constructor() Ownable(msg.sender) {}
22
+
23
+ /**
24
+ * @notice Sets the target position for the attack
25
+ * @param _position The position contract to attack
26
+ */
27
+ function setTarget(address _position) external onlyOwner {
28
+ targetPosition = IPosition(_position);
29
+ }
30
+
31
+ /**
32
+ * @notice Initiates the reentrancy attack
33
+ * @param _amount Amount to withdraw in each attempt
34
+ */
35
+ function attack(uint256 _amount) external onlyOwner {
36
+ require(address(targetPosition) != address(0), "Target not set");
37
+ withdrawAmount = _amount;
38
+ attackCount = 0;
39
+ attackSucceeded = false;
40
+ lastRevertReason = "";
41
+
42
+ targetPosition.withdrawCollateralAsNative(address(this), _amount);
43
+ }
44
+
45
+ /**
46
+ * @notice Called when receiving native coin - attempts reentrancy
47
+ */
48
+ receive() external payable {
49
+ attackCount++;
50
+
51
+ if (attackCount < 2) {
52
+ // Attempt reentrancy on second receive
53
+ try targetPosition.withdrawCollateralAsNative(address(this), withdrawAmount) {
54
+ // If this succeeds, reentrancy attack worked
55
+ attackSucceeded = true;
56
+ emit AttackAttempted(attackCount, true, "Attack succeeded - VULNERABILITY!");
57
+ } catch Error(string memory reason) {
58
+ lastRevertReason = reason;
59
+ emit AttackAttempted(attackCount, false, reason);
60
+ } catch (bytes memory) {
61
+ lastRevertReason = "Unknown revert";
62
+ emit AttackAttempted(attackCount, false, "Unknown revert");
63
+ }
64
+ }
65
+ }
66
+
67
+ /**
68
+ * @notice Allows owner to withdraw any native coin from this contract
69
+ */
70
+ function withdrawAll() external onlyOwner {
71
+ (bool success, ) = owner().call{value: address(this).balance}("");
72
+ require(success, "Withdraw failed");
73
+ }
74
+ }
package/contracts/test/RejectNative.sol ADDED
@@ -0,0 +1,17 @@
1
+ // SPDX-License-Identifier: MIT
2
+ pragma solidity ^0.8.0;
3
+
4
+ /**
5
+ * @title RejectNative
6
+ * @notice Test helper contract that rejects all native coin transfers
7
+ * @dev Used to test NativeTransferFailed error in Position.withdrawCollateralAsNative()
8
+ */
9
+ contract RejectNative {
10
+ receive() external payable {
11
+ revert("I reject native coin");
12
+ }
13
+
14
+ fallback() external payable {
15
+ revert("I reject native coin");
16
+ }
17
+ }