a

6boris · Oct 8, 2023 · 24cf5f2 · 24cf5f2
1 parent 617032b
commit 24cf5f2
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 1 deletion.
diff --git a/contracts/CTF/ONLYPWNER/11.DIVERSION.sol b/contracts/CTF/ONLYPWNER/11.DIVERSION.sol
@@ -1,2 +1,3 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.0;
+// GOTO 11.DIVERSION DIR
diff --git a/contracts/CTF/ONLYPWNER/12.PAYDAY.sol b/contracts/CTF/ONLYPWNER/12.PAYDAY.sol
@@ -1,2 +1,63 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.0;
+
+library MerkleProof {
+    function verifyProof(bytes32 leaf, bytes32 root, bytes32[] memory proof) external pure returns (bool) {
+        bytes32 currentHash = leaf;
+        for (uint256 i = 0; i < proof.length; i++) {
+            currentHash = _hash(currentHash, proof[i]);
+        }
+        return currentHash == root;
+    }
+
+    function _hash(bytes32 a, bytes32 b) private pure returns (bytes32) {
+        return a < b ? keccak256(abi.encodePacked(a, b)) : keccak256(abi.encodePacked(b, a));
+    }
+}
+
+interface IDistributor {
+    function withdraw(bytes calldata params, bytes32[] calldata proof) external;
+    function root() external view returns (bytes32);
+    function hasClaimed(address account) external view returns (bool);
+}
+
+contract Distributor is IDistributor {
+    bytes32 public root;
+    mapping(address => bool) public hasClaimed;
+
+    constructor(bytes32 _root) payable {
+        root = _root;
+    }
+
+    function withdraw(bytes calldata params, bytes32[] calldata proof) external {
+        require(params.length == 64, "invalid params");
+
+        bytes32 leaf = keccak256(params);
+        require(MerkleProof.verifyProof(leaf, root, proof), "invalid proof");
+
+        (address recipient, uint72 amount, uint184 validUntil) = decodeParams(params);
+
+        require(!hasClaimed[recipient], "already claimed");
+        require(validUntil >= block.timestamp, "expired");
+
+        hasClaimed[recipient] = true;
+        (bool success,) = recipient.call{ value: amount }("");
+        require(success, "failed to send ether");
+    }
+
+    function decodeParams(bytes memory params) private pure returns (address, uint72, uint184) {
+        bytes32 first;
+        bytes32 second;
+
+        assembly {
+            first := mload(add(params, 0x20))
+            second := mload(add(params, 0x40))
+        }
+
+        address recipient = address(uint160(uint256(first)));
+        uint72 amount = uint72(uint256(second) >> 184);
+        uint184 validUntil = uint184(uint256(second) >> 72);
+
+        return (recipient, amount, validUntil);
+    }
+}
diff --git a/foundry/test/CTF/ONLYPWNER/03.REVERSE-RUGPULL.t.sol b/foundry/test/CTF/ONLYPWNER/03.REVERSE-RUGPULL.t.sol
@@ -59,7 +59,7 @@ contract REVERSE_RUGPULL_03_Test is Test {
         // require(victimInstance.token().balanceOf(address(victimInstance)) == 0, "Not solved: Valut have token");
         victimInstance.token().approve(address(victimInstance), 10 ** 17);
         victimInstance.deposit(10 ** 17);
-        uint256 shares = victimInstance.shares(address(this));
+        // uint256 shares = victimInstance.shares(address(this));
         // require(shares == 0, "Not solved: Valut have shares");
     }
 }