logos-messaging/logos-messaging-rlnv2-contract
1
0
Fork 0
mirror of https://github.com/logos-messaging/logos-messaging-rlnv2-contract.git synced 2026-01-05 23:43:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: delete MaliciousImplementation

Browse Source
This commit is contained in:
Roman 2025-10-20 09:51:49 +08:00
parent 192fe28d9c
commit d746ef194c
No known key found for this signature in database
GPG Key ID: 583BDF43C238B83E
1 changed files with 0 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
test/WakuRlnV2.t.sol
View File

@ -67,24 +67,6 @@ contract NonUUPSContract {
// A mock contract that does not support UUPS (no proxiable UUID or _authorizeUpgrade)
}
// Malicious implementation for testing upgrade risks
// This overrides _authorizeUpgrade to allow anyone (public) and adds a drain function to steal tokens
contract MaliciousImplementation is UUPSUpgradeable, OwnableUpgradeable {
// Drain all balance of a token to caller (malicious)
function drainTokens(address token) external {
IERC20(token).transfer(msg.sender, IERC20(token).balanceOf(address(this)));
}
// Override to allow anyone to upgrade (bypassing onlyOwner)
function _authorizeUpgrade(address newImplementation) internal override { }
// Placeholder initializer to match layout (but malicious could ignore)
function initialize() public initializer {
__Ownable_init();
__UUPSUpgradeable_init();
}
}
contract WakuRlnV2Test is Test {
WakuRlnV2 internal w;
TestStableToken internal token;