From d1f0e1ccac705a1993849a252f75a80d37b44c4c Mon Sep 17 00:00:00 2001 From: miyachen Date: Fri, 9 Aug 2024 12:02:54 +0800 Subject: [PATCH] add foundry test --- foundry.toml | 7 +++- .../immunefi/34300.InvalidWithdrawal.t.sol | 36 +++++++++++++++++++ 2 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 test/foundry/immunefi/34300.InvalidWithdrawal.t.sol diff --git a/foundry.toml b/foundry.toml index 5ed6f6a9..f327c8f0 100644 --- a/foundry.toml +++ b/foundry.toml @@ -7,4 +7,9 @@ cache_path = 'forge-cache' no_match_path = 'contracts/test/*' fs_permissions = [{ access = "read", path = "./out"}] -# See more config options https://github.com/foundry-rs/foundry/tree/master/config \ No newline at end of file +# See more config options https://github.com/foundry-rs/foundry/tree/master/config + +[rpc_endpoints] +# All available network keywords: +# https://github.com/foundry-rs/forge-std/blob/ff4bf7db008d096ea5a657f2c20516182252a3ed/src/StdCheats.sol#L255-L271 +optimism = "${OPTIMISM_WEB3_ENDPOINT_ARCHIVE}" \ No newline at end of file diff --git a/test/foundry/immunefi/34300.InvalidWithdrawal.t.sol b/test/foundry/immunefi/34300.InvalidWithdrawal.t.sol new file mode 100644 index 00000000..44b2272a --- /dev/null +++ b/test/foundry/immunefi/34300.InvalidWithdrawal.t.sol 
@@ -0,0 +1,36 @@
+// SPDX-License-Identifier: GPL-3.0-or-later
+pragma solidity 0.7.6;
+
+import "forge-std/Test.sol";
+import "../../../contracts/Vault.sol";
+import "../../../contracts/test/TestERC20.sol";
+
+contract InvalidWithdrawalTest is Test {
+ uint256 forkBlock = 105_302_472; // Optimiam mainnet @ Thu Jun 8 05:55:21 UTC 2023
+
+ Vault vault;
+ TestERC20 usdc;
+ TestERC20 weth;
+
+ function setUp() public {
+ vm.createSelectFork(vm.rpcUrl("optimism"), forkBlock);
+ vault = Vault(0xAD7b4C162707E0B2b5f6fdDbD3f8538A5fbA0d60);
+ usdc = TestERC20(vault.getSettlementToken());
+ weth = TestERC20(0x4200000000000000000000000000000000000006);
+
+ deal(address(usdc), address(this), 1000 * 1e6, true);
+ }
+
+ function test_exploit() external payable {
+ // Step 1: Deposit 1000 USDC into the Vault
+ // Assume the attacker already has 1000 USDC
+ usdc.approve(address(vault), 1000 * 1e6); // Approve Vault to spend USDC
+ vault.deposit(address(usdc), 1000 * 1e6); // Deposit 1000 USDC
+ assertEq(vault.getBalanceByToken(address(this), address(usdc)), 1000 * 1e6);
+ assertEq(vault.getBalanceByToken(address(this), address(weth)), 0);
+
+ // Step 2: Withdraw 1 wei
+ vm.expectRevert("V_NEFC");
+ vault.withdrawEther(1); // Attempt to withdraw 1 wei
+ }
+}
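Review bot: `setUp` binds `vault` to `Vault(0xAD7b4C162707E0B2b5f6fdDbD3f8538A5fbA0d60)` on a fork pinned to `forkBlock`, so `test_exploit` exercises the bytecode deployed on Optimism at that block and cannot fail when `contracts/Vault.sol` in this checkout changes. As a regression guard it only records that the deployed Vault rejects `withdrawEther(1)` with `V_NEFC` for an account holding USDC and no WETH. If the aim is to protect the source, run the same steps against a Vault deployed from this repository; at minimum state the scope above the contract, e.g. `// Runs against the Vault deployed on Optimism at forkBlock, not the Vault built from this repository`. The file sits under the regular test path and `setUp` needs `vm.rpcUrl("optimism")`, so a plain `forge test` without `OPTIMISM_WEB3_ENDPOINT_ARCHIVE` will presumably fail there; a comment on how to supply or skip it would help. Minor: `Optimiam` in the `forkBlock` comment is a typo, and nothing in the body needs `payable` on `test_exploit`.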