2.5 KiB
Broken Bank
A "broken" bank written in Leo.
Summary
This application implements a bank that issues tokens to users and allows users to deposit tokens and accrue interest on their deposits.
User Flow
- The bank issues users tokens via the
issue
function. - A user deposits tokens via the
deposit
function. - Upon a user's request to withdraw, the bank calculates the appropriate amount of compound interest and pays the user the principal and interest via the
withdraw
function.
Note that the program can be easily extended to include addition features such as a transfer
function, which would allow users to transfer tokens to other users.
Bugs
You may have already guessed that this program has a few bugs. We list some of them below:
withdraw
can only be invoked by the bank. A malicious bank could lock users' tokens by not invokingwithdraw
.withdraw
fails if the sum of the interest and principal is greater than the user's balance.- User's can increase their principal by depositing tokens multiple times, including immediately before withdrawl.
- Integer division rounds down; if the calculated interest is too small, then it will be rounded down to zero.
Can you find any others?
Language Features and Concepts
record
declarationsconsole.assert_eq
- core functions, e.g.
BHP256::hash
- record ownership
- loops and bounded iteration
- mappings
- finalize
Running the Program
Leo provides users with a command line interface for compiling and running Leo programs.
Users may either specify input values via the command line or provide an input file in inputs/
.
Configuring Accounts
The program.json
file contains a private key and address.
This is the account that will be used to sign transactions and is checked for record ownership.
When executing programs as different parties, be sure to set the private_key
and address
fields in program.json
to the appropriate values.
See ./run.sh
for an example of how to run the program as different parties.
The Aleo SDK provides a command line interface for generating new accounts. To generate a new account, run
leo account new
Providing inputs via the command line.
- Run
leo run <function_name> <input_1> <input_2> ...
See ./run.sh
for an example.
Using an input file.
- Modify
inputs/auction.in
with the desired inputs. - Run
leo run <function_name>
For example,
leo run issue
leo run deposit
leo run withdraw