aboutsummaryrefslogtreecommitdiffstats
path: root/test/liblll/LLL_ERC20.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'test/liblll/LLL_ERC20.cpp')
-rw-r--r--test/liblll/LLL_ERC20.cpp656
1 files changed, 656 insertions, 0 deletions
diff --git a/test/liblll/LLL_ERC20.cpp b/test/liblll/LLL_ERC20.cpp
new file mode 100644
index 00000000..6c6762dd
--- /dev/null
+++ b/test/liblll/LLL_ERC20.cpp
@@ -0,0 +1,656 @@
+/*
+ This file is part of solidity.
+
+ solidity is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ solidity is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with solidity. If not, see <http://www.gnu.org/licenses/>.
+*/
+/**
+ * @author Ben Edgington <ben@benjaminion.xyz>
+ * @date 2017
+ * Tests for an ERC20 token implementation written in LLL
+ */
+
+#include <string>
+#include <boost/test/unit_test.hpp>
+#include <test/liblll/ExecutionFramework.h>
+#include <liblll/Compiler.h>
+
+#define TOKENSUPPLY 100000
+#define TOKENDECIMALS 2
+#define TOKENSYMBOL "BEN"
+#define TOKENNAME "Ben Token"
+#define ACCOUNT(n) h256(account(n), h256::AlignRight)
+#define SUCCESS encodeArgs(1)
+
+using namespace std;
+using namespace dev::lll;
+
+namespace dev
+{
+namespace lll
+{
+namespace test
+{
+
+namespace
+{
+
+static char const* erc20Code = R"DELIMITER(
+(seq
+
+ ;; --------------------------------------------------------------------------
+ ;; CONSTANTS
+
+ ;; Token parameters.
+ ;; 0x40 is a "magic number" - the text of the string is placed here
+ ;; when returning the string to the caller. See return-string below.
+ (def 'token-name-string (lit 0x40 "Ben Token"))
+ (def 'token-symbol-string (lit 0x40 "BEN"))
+ (def 'token-decimals 2)
+ (def 'token-supply 100000) ; 1000.00 total tokens
+
+ ;; Booleans
+ (def 'false 0)
+ (def 'true 1)
+
+ ;; Memory layout.
+ (def 'mem-ret 0x00) ; Fixed due to compiler macro for return.
+ (def 'mem-func 0x00) ; No conflict with mem-ret, so re-use.
+ (def 'mem-keccak 0x00) ; No conflict with mem-func or mem-ret, so re-use.
+ (def 'scratch0 0x20)
+ (def 'scratch1 0x40)
+
+ ;; Precomputed function IDs.
+ (def 'get-name 0x06fdde03) ; name()
+ (def 'get-symbol 0x95d89b41) ; symbol()
+ (def 'get-decimals 0x313ce567) ; decimals()
+ (def 'get-total-supply 0x18160ddd) ; totalSupply()
+ (def 'get-balance-of 0x70a08231) ; balanceOf(address)
+ (def 'transfer 0xa9059cbb) ; transfer(address,uint256)
+ (def 'transfer-from 0x23b872dd) ; transferFrom(address,address,uint256)
+ (def 'approve 0x095ea7b3) ; approve(address,uint256)
+ (def 'get-allowance 0xdd62ed3e) ; allowance(address,address)
+
+ ;; Event IDs
+ (def 'transfer-event-id ; Transfer(address,address,uint256)
+ 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef)
+
+ (def 'approval-event-id ; Approval(address,address,uint256)
+ 0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925)
+
+ ;; --------------------------------------------------------------------------
+ ;; UTILITIES
+
+ ;; --------------------------------------------------------------------------
+ ;; The following define the key data-structures:
+ ;; - balance(addr) => value
+ ;; - allowance(addr,addr) => value
+
+ ;; Balances are stored at s[owner_addr].
+ (def 'balance (address) address)
+
+ ;; Allowances are stored at s[owner_addr + keccak256(spender_addr)]
+ ;; We use a crypto function here to avoid any situation where
+ ;; approve(me, spender) can be abused to do approve(target, me).
+ (def 'allowance (owner spender)
+ (seq
+ (mstore mem-keccak spender)
+ (keccak256 mem-keccak 0x20)))
+
+ ;; --------------------------------------------------------------------------
+ ;; For convenience we have macros to refer to function arguments
+
+ (def 'arg1 (calldataload 0x04))
+ (def 'arg2 (calldataload 0x24))
+ (def 'arg3 (calldataload 0x44))
+
+ ;; --------------------------------------------------------------------------
+ ;; Revert is a soft return that does not consume the remaining gas.
+ ;; We use it when rejecting invalid user input.
+ ;;
+ ;; Note: The REVERT opcode will be implemented in Metropolis (EIP 140).
+ ;; Meanwhile it just causes an invalid instruction exception (similar
+ ;; to a "throw" in Solidity). When fully implemented, Revert could be
+ ;; use to return error codes, or even messages.
+
+ (def 'revert () (revert 0 0))
+
+ ;; --------------------------------------------------------------------------
+ ;; Macro for returning string names.
+ ;; Compliant with the ABI format for strings.
+
+ (def 'return-string (string-literal)
+ (seq
+ (mstore 0x00 0x20) ; Points to our string's memory location
+ (mstore 0x20 string-literal) ; Length. String itself is copied to 0x40.
+ (return 0x00 (& (+ (mload 0x20) 0x5f) (~ 0x1f)))))
+ ; Round return up to 32 byte boundary
+
+ ;; --------------------------------------------------------------------------
+ ;; Convenience macro for raising Events
+
+ (def 'event3 (id addr1 addr2 value)
+ (seq
+ (mstore scratch0 value)
+ (log3 scratch0 0x20 id addr1 addr2)))
+
+ ;; --------------------------------------------------------------------------
+ ;; Determines whether the stored function ID matches a known
+ ;; function hash and executes <code-body> if so.
+ ;; @param function-hash The four-byte hash of a known function signature.
+ ;; @param code-body The code to run in the case of a match.
+
+ (def 'function (function-hash code-body)
+ (when (= (mload mem-func) function-hash)
+ code-body))
+
+ ;; --------------------------------------------------------------------------
+ ;; Gets the function ID and stores it in memory for reference.
+ ;; The function ID is in the leftmost four bytes of the call data.
+
+ (def 'uses-functions
+ (mstore
+ mem-func
+ (shr (calldataload 0x00) 224)))
+
+ ;; --------------------------------------------------------------------------
+ ;; GUARDS
+
+ ;; --------------------------------------------------------------------------
+ ;; Checks that ensure that each function is called with the right
+ ;; number of arguments. For one thing this addresses the "ERC20
+ ;; short address attack". For another, it stops me making
+ ;; mistakes while testing. We use these only on the non-constant functions.
+
+ (def 'has-one-arg (unless (= 0x24 (calldatasize)) (revert)))
+ (def 'has-two-args (unless (= 0x44 (calldatasize)) (revert)))
+ (def 'has-three-args (unless (= 0x64 (calldatasize)) (revert)))
+
+ ;; --------------------------------------------------------------------------
+ ;; Check that addresses have only 160 bits and revert if not.
+ ;; We use these input type-checks on the non-constant functions.
+
+ (def 'is-address (addr)
+ (when
+ (shr addr 160)
+ (revert)))
+
+ ;; --------------------------------------------------------------------------
+ ;; Check that transfer values are smaller than total supply and
+ ;; revert if not. This should effectively exclude negative values.
+
+ (def 'is-value (value)
+ (when (> value token-supply) (revert)))
+
+ ;; --------------------------------------------------------------------------
+ ;; Will revert if sent any Ether. We use the macro immediately so as
+ ;; to abort if sent any Ether during contract deployment.
+
+ (def 'not-payable
+ (when (callvalue) (revert)))
+
+ not-payable
+
+ ;; --------------------------------------------------------------------------
+ ;; INITIALISATION
+ ;;
+ ;; Assign all tokens initially to the owner of the contract.
+
+ (sstore (balance (caller)) token-supply)
+
+ ;; --------------------------------------------------------------------------
+ ;; CONTRACT CODE
+
+ (returnlll
+ (seq not-payable uses-functions
+
+ ;; ----------------------------------------------------------------------
+ ;; Getter for the name of the token.
+ ;; @abi name() constant returns (string)
+ ;; @return The token name as a string.
+
+ (function get-name
+ (return-string token-name-string))
+
+ ;; ----------------------------------------------------------------------
+ ;; Getter for the symbol of the token.
+ ;; @abi symbol() constant returns (string)
+ ;; @return The token symbol as a string.
+
+ (function get-symbol
+ (return-string token-symbol-string))
+
+ ;; ----------------------------------------------------------------------
+ ;; Getter for the number of decimals assigned to the token.
+ ;; @abi decimals() constant returns (uint256)
+ ;; @return The token decimals.
+
+ (function get-decimals
+ (return token-decimals))
+
+ ;; ----------------------------------------------------------------------
+ ;; Getter for the total token supply.
+ ;; @abi totalSupply() constant returns (uint256)
+ ;; @return The token supply.
+
+ (function get-total-supply
+ (return token-supply))
+
+ ;; ----------------------------------------------------------------------
+ ;; Returns the account balance of another account.
+ ;; @abi balanceOf(address) constant returns (uint256)
+ ;; @param owner The address of the account's owner.
+ ;; @return The account balance.
+
+ (function get-balance-of
+ (seq
+
+ (def 'owner arg1)
+
+ (return (sload (balance owner)))))
+
+ ;; ----------------------------------------------------------------------
+ ;; Transfers _value amount of tokens to address _to. The command
+ ;; should throw if the _from account balance has not enough
+ ;; tokens to spend.
+ ;; @abi transfer(address, uint256) returns (bool)
+ ;; @param to The account to receive the tokens.
+ ;; @param value The quantity of tokens to transfer.
+ ;; @return Success (true). Other outcomes result in a Revert.
+
+ (function transfer
+ (seq has-two-args (is-address arg1) (is-value arg2)
+
+ (def 'to arg1)
+ (def 'value arg2)
+
+ (when value ; value == 0 is a no-op
+ (seq
+
+ ;; The caller's balance. Save in memory for efficiency.
+ (mstore scratch0 (sload (balance (caller))))
+
+ ;; Revert if the caller's balance is not sufficient.
+ (when (> value (mload scratch0))
+ (revert))
+
+ ;; Make the transfer
+ ;; It would be good to check invariants (sum of balances).
+ (sstore (balance (caller)) (- (mload scratch0) value))
+ (sstore (balance to) (+ (sload (balance to)) value))
+
+ ;; Event - Transfer(address,address,uint256)
+ (event3 transfer-event-id (caller) to value)))
+
+ (return true)))
+
+ ;; ----------------------------------------------------------------------
+ ;; Send _value amount of tokens from address _from to address _to
+ ;; @abi transferFrom(address,address,uint256) returns (bool)
+ ;; @param from The account to send the tokens from.
+ ;; @param to The account to receive the tokens.
+ ;; @param value The quantity of tokens to transfer.
+ ;; @return Success (true). Other outcomes result in a Revert.
+
+ (function transfer-from
+ (seq has-three-args (is-address arg1) (is-address arg2) (is-value arg3)
+
+ (def 'from arg1)
+ (def 'to arg2)
+ (def 'value arg3)
+
+ (when value ; value == 0 is a no-op
+
+ (seq
+
+ ;; Save data to memory for efficiency.
+ (mstore scratch0 (sload (balance from)))
+ (mstore scratch1 (sload (allowance from (caller))))
+
+ ;; Revert if not enough funds, or not enough approved.
+ (when
+ (||
+ (> value (mload scratch0))
+ (> value (mload scratch1)))
+ (revert))
+
+ ;; Make the transfer and update allowance.
+ (sstore (balance from) (- (mload scratch0) value))
+ (sstore (balance to) (+ (sload (balance to)) value))
+ (sstore (allowance from (caller)) (- (mload scratch1) value))
+
+ ;; Event - Transfer(address,address,uint256)
+ (event3 transfer-event-id from to value)))
+
+ (return true)))
+
+ ;; ----------------------------------------------------------------------
+ ;; Allows _spender to withdraw from your account multiple times,
+ ;; up to the _value amount. If this function is called again it
+ ;; overwrites the current allowance with _value.
+ ;; @abi approve(address,uint256) returns (bool)
+ ;; @param spender The withdrawing account having its limit set.
+ ;; @param value The maximum allowed amount.
+ ;; @return Success (true). Other outcomes result in a Revert.
+
+ (function approve
+ (seq has-two-args (is-address arg1) (is-value arg2)
+
+ (def 'spender arg1)
+ (def 'value arg2)
+
+ ;; Force users set the allowance to 0 before setting it to
+ ;; another value for the same spender. Prevents this attack:
+ ;; https://docs.google.com/document/d/1YLPtQxZu1UAvO9cZ1O2RPXBbT0mooh4DYKjA_jp-RLM
+ (when
+ (&& value (sload (allowance (caller) spender)))
+ (revert))
+
+ (sstore (allowance (caller) spender) value)
+
+ ;; Event - Approval(address,address,uint256)
+ (event3 approval-event-id (caller) spender value)
+
+ (return true)))
+
+ ;; ----------------------------------------------------------------------
+ ;; Returns the amount which _spender is still allowed to withdraw
+ ;; from _owner.
+ ;; @abi allowance(address,address) constant returns (uint256)
+ ;; @param owner The owning account.
+ ;; @param spender The withdrawing account.
+ ;; @return The allowed amount remaining.
+
+ (function get-allowance
+ (seq
+
+ (def 'owner arg1)
+ (def 'spender arg2)
+
+ (return (sload (allowance owner spender)))))
+
+ ;; ----------------------------------------------------------------------
+ ;; Fallback: No functions matched the function ID provided.
+
+ (revert)))
+ )
+)DELIMITER";
+
+static unique_ptr<bytes> s_compiledErc20;
+
+class LLLERC20TestFramework: public LLLExecutionFramework
+{
+protected:
+ void deployErc20()
+ {
+ if (!s_compiledErc20)
+ {
+ vector<string> errors;
+ s_compiledErc20.reset(new bytes(compileLLL(erc20Code, dev::test::Options::get().evmVersion(), dev::test::Options::get().optimize, &errors)));
+ BOOST_REQUIRE(errors.empty());
+ }
+ sendMessage(*s_compiledErc20, true);
+ BOOST_REQUIRE(m_transactionSuccessful);
+ BOOST_REQUIRE(!m_output.empty());
+ }
+
+};
+
+}
+
+// Test suite for an ERC20 contract written in LLL.
+BOOST_FIXTURE_TEST_SUITE(LLLERC20, LLLERC20TestFramework)
+
+BOOST_AUTO_TEST_CASE(creation)
+{
+ deployErc20();
+
+ // All tokens are initially assigned to the contract creator.
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY));
+}
+
+BOOST_AUTO_TEST_CASE(constants)
+{
+ deployErc20();
+
+ BOOST_CHECK(callContractFunction("totalSupply()") == encodeArgs(TOKENSUPPLY));
+ BOOST_CHECK(callContractFunction("decimals()") == encodeArgs(TOKENDECIMALS));
+ BOOST_CHECK(callContractFunction("symbol()") == encodeDyn(string(TOKENSYMBOL)));
+ BOOST_CHECK(callContractFunction("name()") == encodeDyn(string(TOKENNAME)));
+}
+
+BOOST_AUTO_TEST_CASE(send_value)
+{
+ deployErc20();
+
+ // Send value to the contract. Should always fail.
+ m_sender = account(0);
+ auto contractBalance = balanceAt(m_contractAddress);
+
+ // Fallback: check value is not transferred.
+ BOOST_CHECK(callFallbackWithValue(42) != SUCCESS);
+ BOOST_CHECK(balanceAt(m_contractAddress) == contractBalance);
+
+ // Transfer: check nothing happened.
+ BOOST_CHECK(callContractFunctionWithValue("transfer(address,uint256)", ACCOUNT(1), 100, 42) != SUCCESS);
+ BOOST_CHECK(balanceAt(m_contractAddress) == contractBalance);
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(1)) == encodeArgs(0));
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY));
+}
+
+BOOST_AUTO_TEST_CASE(transfer)
+{
+ deployErc20();
+
+ // Transfer 100 tokens from account(0) to account(1).
+ int transfer = 100;
+ m_sender = account(0);
+ BOOST_CHECK(callContractFunction("transfer(address,uint256)", ACCOUNT(1), u256(transfer)) == SUCCESS);
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY - transfer));
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(1)) == encodeArgs(transfer));
+}
+
+BOOST_AUTO_TEST_CASE(transfer_from)
+{
+ deployErc20();
+
+ // Approve account(1) to transfer up to 1000 tokens from account(0).
+ int allow = 1000;
+ m_sender = account(0);
+ BOOST_REQUIRE(callContractFunction("approve(address,uint256)", ACCOUNT(1), u256(allow)) == SUCCESS);
+ BOOST_REQUIRE(callContractFunction("allowance(address,address)", ACCOUNT(0), ACCOUNT(1)) == encodeArgs(allow));
+
+ // Send account(1) some ether for gas.
+ sendEther(account(1), 1000 * ether);
+ BOOST_REQUIRE(balanceAt(account(1)) >= 1000 * ether);
+
+ // Transfer 300 tokens from account(0) to account(2); check that the allowance decreases.
+ int transfer = 300;
+ m_sender = account(1);
+ BOOST_REQUIRE(callContractFunction("transferFrom(address,address,uint256)", ACCOUNT(0), ACCOUNT(2), u256(transfer)) == SUCCESS);
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(2)) == encodeArgs(transfer));
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY - transfer));
+ BOOST_CHECK(callContractFunction("allowance(address,address)", ACCOUNT(0), ACCOUNT(1)) == encodeArgs(allow - transfer));
+}
+
+BOOST_AUTO_TEST_CASE(transfer_event)
+{
+ deployErc20();
+
+ // Transfer 1000 tokens from account(0) to account(1).
+ int transfer = 1000;
+ m_sender = account(0);
+ BOOST_REQUIRE(callContractFunction("transfer(address,uint256)", ACCOUNT(1), u256(transfer)) == SUCCESS);
+
+ // Check that a Transfer event was recorded and contents are correct.
+ BOOST_REQUIRE(m_logs.size() == 1);
+ BOOST_CHECK(m_logs[0].data == encodeArgs(transfer));
+ BOOST_REQUIRE(m_logs[0].topics.size() == 3);
+ BOOST_CHECK(m_logs[0].topics[0] == keccak256(string("Transfer(address,address,uint256)")));
+ BOOST_CHECK(m_logs[0].topics[1] == ACCOUNT(0));
+ BOOST_CHECK(m_logs[0].topics[2] == ACCOUNT(1));
+}
+
+BOOST_AUTO_TEST_CASE(transfer_zero_no_event)
+{
+ deployErc20();
+
+ // Transfer 0 tokens from account(0) to account(1). This is a no-op.
+ int transfer = 0;
+ m_sender = account(0);
+ BOOST_REQUIRE(callContractFunction("transfer(address,uint256)", ACCOUNT(1), u256(transfer)) == SUCCESS);
+
+ // Check that no Event was recorded.
+ BOOST_CHECK(m_logs.size() == 0);
+
+ // Check that balances have not changed.
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY - transfer));
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(1)) == encodeArgs(transfer));
+}
+
+BOOST_AUTO_TEST_CASE(approval_and_transfer_events)
+{
+ deployErc20();
+
+ // Approve account(1) to transfer up to 10000 tokens from account(0).
+ int allow = 10000;
+ m_sender = account(0);
+ BOOST_REQUIRE(callContractFunction("approve(address,uint256)", ACCOUNT(1), u256(allow)) == SUCCESS);
+
+ // Check that an Approval event was recorded and contents are correct.
+ BOOST_REQUIRE(m_logs.size() == 1);
+ BOOST_CHECK(m_logs[0].data == encodeArgs(allow));
+ BOOST_REQUIRE(m_logs[0].topics.size() == 3);
+ BOOST_CHECK(m_logs[0].topics[0] == keccak256(string("Approval(address,address,uint256)")));
+ BOOST_CHECK(m_logs[0].topics[1] == ACCOUNT(0));
+ BOOST_CHECK(m_logs[0].topics[2] == ACCOUNT(1));
+
+ // Send account(1) some ether for gas.
+ sendEther(account(1), 1000 * ether);
+ BOOST_REQUIRE(balanceAt(account(1)) >= 1000 * ether);
+
+ // Transfer 3000 tokens from account(0) to account(2); check that the allowance decreases.
+ int transfer = 3000;
+ m_sender = account(1);
+ BOOST_REQUIRE(callContractFunction("transferFrom(address,address,uint256)", ACCOUNT(0), ACCOUNT(2), u256(transfer)) == SUCCESS);
+
+ // Check that a Transfer event was recorded and contents are correct.
+ BOOST_REQUIRE(m_logs.size() == 1);
+ BOOST_CHECK(m_logs[0].data == encodeArgs(transfer));
+ BOOST_REQUIRE(m_logs[0].topics.size() == 3);
+ BOOST_CHECK(m_logs[0].topics[0] == keccak256(string("Transfer(address,address,uint256)")));
+ BOOST_CHECK(m_logs[0].topics[1] == ACCOUNT(0));
+ BOOST_CHECK(m_logs[0].topics[2] == ACCOUNT(2));
+}
+
+BOOST_AUTO_TEST_CASE(invalid_transfer_1)
+{
+ deployErc20();
+
+ // Transfer more than the total supply; ensure nothing changes.
+ int transfer = TOKENSUPPLY + 1;
+ m_sender = account(0);
+ BOOST_CHECK(callContractFunction("transfer(address,uint256)", ACCOUNT(1), u256(transfer)) != SUCCESS);
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY));
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(1)) == encodeArgs(0));
+}
+
+BOOST_AUTO_TEST_CASE(invalid_transfer_2)
+{
+ deployErc20();
+
+ // Separate transfers that together exceed initial balance.
+ int transfer = 1 + TOKENSUPPLY / 2;
+ m_sender = account(0);
+
+ // First transfer should succeed.
+ BOOST_REQUIRE(callContractFunction("transfer(address,uint256)", ACCOUNT(1), u256(transfer)) == SUCCESS);
+ BOOST_REQUIRE(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY - transfer));
+ BOOST_REQUIRE(callContractFunction("balanceOf(address)", ACCOUNT(1)) == encodeArgs(transfer));
+
+ // Second transfer should fail.
+ BOOST_CHECK(callContractFunction("transfer(address,uint256)", ACCOUNT(1), u256(transfer)) != SUCCESS);
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY - transfer));
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(1)) == encodeArgs(transfer));
+}
+
+BOOST_AUTO_TEST_CASE(invalid_transfer_from)
+{
+ deployErc20();
+
+ // TransferFrom without approval.
+ int transfer = 300;
+
+ // Send account(1) some ether for gas.
+ m_sender = account(0);
+ sendEther(account(1), 1000 * ether);
+ BOOST_REQUIRE(balanceAt(account(1)) >= 1000 * ether);
+
+ // Try the transfer; ensure nothing changes.
+ m_sender = account(1);
+ BOOST_CHECK(callContractFunction("transferFrom(address,address,uint256)", ACCOUNT(0), ACCOUNT(2), u256(transfer)) != SUCCESS);
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(2)) == encodeArgs(0));
+ BOOST_CHECK(callContractFunction("balanceOf(address)", ACCOUNT(0)) == encodeArgs(TOKENSUPPLY));
+ BOOST_CHECK(callContractFunction("allowance(address,address)", ACCOUNT(0), ACCOUNT(1)) == encodeArgs(0));
+}
+
+BOOST_AUTO_TEST_CASE(invalid_reapprove)
+{
+ deployErc20();
+
+ m_sender = account(0);
+
+ // Approve account(1) to transfer up to 1000 tokens from account(0).
+ int allow1 = 1000;
+ BOOST_REQUIRE(callContractFunction("approve(address,uint256)", ACCOUNT(1), u256(allow1)) == SUCCESS);
+ BOOST_REQUIRE(callContractFunction("allowance(address,address)", ACCOUNT(0), ACCOUNT(1)) == encodeArgs(allow1));
+
+ // Now approve account(1) to transfer up to 500 tokens from account(0).
+ // Should fail (we need to reset allowance to 0 first).
+ int allow2 = 500;
+ BOOST_CHECK(callContractFunction("approve(address,uint256)", ACCOUNT(1), u256(allow2)) != SUCCESS);
+ BOOST_CHECK(callContractFunction("allowance(address,address)", ACCOUNT(0), ACCOUNT(1)) == encodeArgs(allow1));
+}
+
+BOOST_AUTO_TEST_CASE(bad_data)
+{
+ deployErc20();
+
+ m_sender = account(0);
+
+ // Correct data: transfer(address _to, 1).
+ sendMessage((bytes)fromHex("a9059cbb") + (bytes)fromHex("000000000000000000000000123456789a123456789a123456789a123456789a") + encodeArgs(1), false, 0);
+ BOOST_CHECK(m_transactionSuccessful);
+ BOOST_CHECK(m_output == SUCCESS);
+
+ // Too little data (address is truncated by one byte).
+ sendMessage((bytes)fromHex("a9059cbb") + (bytes)fromHex("000000000000000000000000123456789a123456789a123456789a12345678") + encodeArgs(1), false, 0);
+ BOOST_CHECK(!m_transactionSuccessful);
+ BOOST_CHECK(m_output != SUCCESS);
+
+ // Too much data (address is extended with a zero byte).
+ sendMessage((bytes)fromHex("a9059cbb") + (bytes)fromHex("000000000000000000000000123456789a123456789a123456789a123456789a00") + encodeArgs(1), false, 0);
+ BOOST_CHECK(!m_transactionSuccessful);
+ BOOST_CHECK(m_output != SUCCESS);
+
+ // Invalid address (a bit above the 160th is set).
+ sendMessage((bytes)fromHex("a9059cbb") + (bytes)fromHex("000000000000000000000100123456789a123456789a123456789a123456789a") + encodeArgs(1), false, 0);
+ BOOST_CHECK(!m_transactionSuccessful);
+ BOOST_CHECK(m_output != SUCCESS);
+}
+
+BOOST_AUTO_TEST_SUITE_END()
+
+}
+}
+} // end namespaces