coderbradlee
diff --git a/‎action/protocol/execution/protocol_test.go
+5 b/‎action/protocol/execution/protocol_test.go
+5
diff --git a/‎action/protocol/execution/testdata/Ownable.sol
+42 b/‎action/protocol/execution/testdata/Ownable.sol
+42
diff --git a/‎action/protocol/execution/testdata/cashier.json
+94 b/‎action/protocol/execution/testdata/cashier.json
+94
diff --git a/‎action/protocol/execution/testdata/cashier.sol
+84 b/‎action/protocol/execution/testdata/cashier.sol
+84
@@ -674,9 +674,14 @@ func TestProtocol_Handle(t *testing.T) {
 	t.Run("Multisend", func(t *testing.T) {
 		NewSmartContractTest(t, "testdata/multisend.json")
 	})
+	// reentry
 	t.Run("reentry-attack", func(t *testing.T) {
 		NewSmartContractTest(t, "testdata/reentry-attack.json")
 	})
+	// cashier
+	t.Run("cashier", func(t *testing.T) {
+		NewSmartContractTest(t, "testdata/cashier.json")
+	})
 }
 
 func TestProtocol_Validate(t *testing.T) {
 
@@ -0,0 +1,42 @@
+pragma solidity ^0.4.19;
+
+
+/**
+ * @title Ownable
+ * @dev The Ownable contract has an owner address, and provides basic authorization control
+ * functions, this simplifies the implementation of "user permissions".
+ */
+contract Ownable {
+  address public owner;
+
+
+  event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
+
+
+  /**
+   * @dev The Ownable constructor sets the original `owner` of the contract to the sender
+   * account.
+   */
+  function Ownable() public {
+    owner = msg.sender;
+  }
+
+  /**
+   * @dev Throws if called by any account other than the owner.
+   */
+  modifier onlyOwner() {
+    require(msg.sender == owner);
+    _;
+  }
+
+  /**
+   * @dev Allows the current owner to transfer control of the contract to a newOwner.
+   * @param newOwner The address to transfer ownership to.
+   */
+  function transferOwnership(address newOwner) public onlyOwner {
+    require(newOwner != address(0));
+    OwnershipTransferred(owner, newOwner);
+    owner = newOwner;
+  }
+
+}
@@ -0,0 +1,94 @@
+{
+    "initBalances": [{
+        "account": "io1mflp9m6hcgm2qcghchsdqj3z3eccrnekx9p0ms",
+        "rawBalance": "1000000000000000000000000000"
+    }],
+    "deployments": [{
+        "rawByteCode": "608060405234801561001057600080fd5b50604051608080610791833981016040908152815160208301519183015160609093015160008054600160a060020a03191633179055909290600160a060020a038416151561005e57600080fd5b6000821161006b57600080fd5b8181101561007857600080fd5b60018054600160a060020a031916600160a060020a039590951694909417909355600291909155600355600455623d09006005556106d6806100bb6000396000f3006080604052600436106100fb5763ffffffff7c0100000000000000000000000000000000000000000000000000000000600035041663046f7da28114610105578063186f03541461011a5780632e1a7d4d1461014b57806345f0a44f14610163578063490ae2101461018d5780634fe47f70146101a55780635db0cb94146101bd5780635f48f393146101de57806367a52793146101f35780638456cb5914610208578063897b06371461021d5780638da5cb5b146102355780639b2cb5d81461024a578063c0abda2a1461025f578063d0e30db0146100fb578063ee7d72b414610277578063f2fde38b1461028f578063f68016b7146102b0575b6101036102c5565b005b34801561011157600080fd5b506101036103f0565b34801561012657600080fd5b5061012f610424565b60408051600160a060020a039092168252519081900360200190f35b34801561015757600080fd5b50610103600435610433565b34801561016f57600080fd5b5061017b600435610489565b60408051918252519081900360200190f35b34801561019957600080fd5b506101036004356104a8565b3480156101b157600080fd5b506101036004356104c4565b3480156101c957600080fd5b50610103600160a060020a03600435166104ef565b3480156101ea57600080fd5b5061017b61054a565b3480156101ff57600080fd5b5061017b610550565b34801561021457600080fd5b50610103610556565b34801561022957600080fd5b5061010360043561058c565b34801561024157600080fd5b5061012f6105b7565b34801561025657600080fd5b5061017b6105c6565b34801561026b57600080fd5b5061012f6004356105cc565b34801561028357600080fd5b506101036004356105f4565b34801561029b57600080fd5b50610103600160a060020a0360043516610610565b3480156102bc57600080fd5b5061017b6106a4565b60085460009060ff16156102d857600080fd5b600254600354013410156102eb57600080fd5b60025434039050600454811115151561030357600080fd5b600154600554604051600160a060020a039092169183906000818181858888f19350505050156103ed576006805460018181019092557ff652222313e28459528d920b65115c16c04f3efc82aaedc97be59f3f377c0d3f01805473ffffffffffffffffffffffffffffffffffffffff1916339081179091556007805492830181556000527fa66cc928b5edb82af9bd49922954155ab7b0942694bea4ce44661d9a8736c68890910182905560025460408051848152602081019290925280517fb54144b2711919f9fb59c30ec3b593b154784e26488806a6ddb320c41b5c1c939281900390910190a25b50565b600054600160a060020a0316331461040757600080fd5b60085460ff16151561041857600080fd5b6008805460ff19169055565b600154600160a060020a031681565b600054600160a060020a0316331461044a57600080fd5b303181111561045857600080fd5b604051339082156108fc029083906000818181858888f19350505050158015610485573d6000803e3d6000fd5b5050565b600780548290811061049757fe5b600091825260209091200154905081565b600054600160a060020a031633146104bf57600080fd5b600255565b600054600160a060020a031633146104db57600080fd5b6003548110156104ea57600080fd5b600455565b600054600160a060020a0316331461050657600080fd5b600160a060020a038116151561051b57600080fd5b6001805473ffffffffffffffffffffffffffffffffffffffff1916600160a060020a0392909216919091179055565b60045481565b60025481565b600054600160a060020a0316331461056d57600080fd5b60085460ff161561057d57600080fd5b6008805460ff19166001179055565b600054600160a060020a031633146105a357600080fd5b6004548111156105b257600080fd5b600355565b600054600160a060020a031681565b60035481565b60068054829081106105da57fe5b600091825260209091200154600160a060020a0316905081565b600054600160a060020a0316331461060b57600080fd5b600555565b600054600160a060020a0316331461062757600080fd5b600160a060020a038116151561063c57600080fd5b60008054604051600160a060020a03808516939216917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e091a36000805473ffffffffffffffffffffffffffffffffffffffff1916600160a060020a0392909216919091179055565b600554815600a165627a7a72305820d8278a1efc7155cd5660666a40251a6011e1387cb8adbb4bfdcc17082890c1c00029000000000000000000000000cecc938840c5ae89373a681a5f2e0f244152e91b000000000000000000000000000000000000000000000000000000000000271000000000000000000000000000000000000000000000000000000000000186a000000000000000000000000000000000000000000000000000000000000f4240",
+        "rawPrivateKey": "cfa6ef757dee2e50351620dca002d32b9c090cfda55fb81f37f1d26b273743f1",
+        "rawAmount": "0",
+        "rawGasLimit": 5000000,
+        "rawGasPrice": "0",
+        "expectedBalances": [],
+        "comment": "deploy cashier contract"
+    }],
+    "executions": [{
+        "rawPrivateKey": "cfa6ef757dee2e50351620dca002d32b9c090cfda55fb81f37f1d26b273743f1",
+        "rawByteCode": "d0e30db0",
+        "rawAmount": "110000",
+        "rawGasLimit": 1000000,
+        "rawGasPrice": "0",
+        "expectedBalances": [{
+            "account": "io1emxf8zzqckhgjde6dqd97ts0y3q496gm3fdrl6",
+            "rawBalance": "100000"
+        },{
+            "account": "",
+            "rawBalance": "10000"
+        }],
+        "expectedLogs": [{}],
+        "comment": "call deposit"
+    },{
+        "rawPrivateKey": "cfa6ef757dee2e50351620dca002d32b9c090cfda55fb81f37f1d26b273743f1",
+        "rawByteCode": "d0e30db0",
+        "rawAmount": "90000",
+        "rawGasLimit": 1000000,
+        "rawGasPrice": "0",
+        "failed": true,
+        "expectedBalances": [{
+            "account": "io1emxf8zzqckhgjde6dqd97ts0y3q496gm3fdrl6",
+            "rawBalance": "100000"
+        },{
+            "account": "",
+            "rawBalance": "10000"
+        }],
+        "expectedLogs": [],
+        "comment": "call deposit msg.value < minAmount + depositFee"
+    },{
+        "rawPrivateKey": "cfa6ef757dee2e50351620dca002d32b9c090cfda55fb81f37f1d26b273743f1",
+        "rawByteCode": "d0e30db0",
+        "rawAmount": "1020000",
+        "rawGasLimit": 1000000,
+        "rawGasPrice": "0",
+        "failed": true,
+        "expectedBalances": [{
+            "account": "io1emxf8zzqckhgjde6dqd97ts0y3q496gm3fdrl6",
+            "rawBalance": "100000"
+        },{
+            "account": "",
+            "rawBalance": "10000"
+        }],
+        "expectedLogs": [],
+        "comment": "call deposit msg.value>maxAmount + depositFee"
+    },{
+        "rawPrivateKey": "cfa6ef757dee2e50351620dca002d32b9c090cfda55fb81f37f1d26b273743f1",
+        "rawByteCode": "2e1a7d4d0000000000000000000000000000000000000000000000000000000000000064",
+        "rawAmount": "0",
+        "rawGasLimit": 1000000,
+        "rawGasPrice": "0",
+        "expectedBalances": [{
+            "account": "io1emxf8zzqckhgjde6dqd97ts0y3q496gm3fdrl6",
+            "rawBalance": "100000"
+        },{
+            "account": "",
+            "rawBalance": "9900"
+        }],
+        "expectedLogs": [],
+        "comment": "call withdraw 100"
+    },{
+        "rawPrivateKey": "cfa6ef757dee2e50351620dca002d32b9c090cfda55fb81f37f1d26b273743f1",
+        "rawByteCode": "2e1a7d4d0000000000000000000000000000000000000000000000000000000000004E20",
+        "rawAmount": "0",
+        "rawGasLimit": 1000000,
+        "rawGasPrice": "0",
+        "failed": true,
+        "expectedBalances": [{
+            "account": "io1emxf8zzqckhgjde6dqd97ts0y3q496gm3fdrl6",
+            "rawBalance": "100000"
+        },{
+            "account": "",
+            "rawBalance": "9900"
+        }],
+        "expectedLogs": [],
+        "comment": "call withdraw 20000,expect failed"
+    }]
+}
@@ -0,0 +1,84 @@
+pragma solidity ^0.4.24;
+
+import "./Ownable.sol";
+
+contract Cashier is Ownable {
+    address public safe;
+    uint256 public depositFee;
+    uint256 public minAmount;
+    uint256 public maxAmount;
+    uint256 public gasLimit;
+    address[] public customers;
+    uint256[] public amounts;
+    bool paused;
+
+    event Receipt(address indexed customer, uint256 amount, uint256 fee);
+
+    function Cashier(address _safe, uint256 _fee, uint256 _minAmount, uint256 _maxAmount) public {
+        require(_safe != address(0));
+        require(_minAmount > 0);
+        require(_maxAmount >= _minAmount);
+        safe = _safe;
+        depositFee = _fee;
+        minAmount = _minAmount;
+        maxAmount = _maxAmount;
+        gasLimit = 4000000;
+    }
+
+    function () external payable {
+        deposit();
+    }
+
+    function deposit() public payable {
+        require(!paused);
+        require(msg.value >= minAmount + depositFee);
+        uint256 amount = msg.value - depositFee;
+        require(amount <= maxAmount);
+
+        if (safe.call.value(amount).gas(gasLimit)()) {
+            customers.push(msg.sender);
+            amounts.push(amount);
+
+            emit Receipt(msg.sender, amount, depositFee);
+        }
+    }
+
+    function withdraw(uint256 amount) external onlyOwner {
+        require(address(this).balance >= amount);
+        msg.sender.transfer(amount);
+    }
+
+    function setSafe(address _safe) external onlyOwner {
+        require(_safe != address(0));
+        safe = _safe;
+    }
+
+    function setMinAmount(uint256 _minAmount) external onlyOwner {
+        require(maxAmount >= _minAmount);
+        minAmount = _minAmount;
+    }
+
+    function setMaxAmount(uint256 _maxAmount) external onlyOwner {
+        require(_maxAmount >= minAmount);
+        maxAmount = _maxAmount;
+    }
+
+    function setDepositFee(uint256 _fee) external onlyOwner {
+        depositFee = _fee;
+    }
+
+    function setGasLimit(uint256 _gasLimit) external onlyOwner {
+        gasLimit = _gasLimit;
+    }
+
+    function pause() external onlyOwner {
+        require(!paused);
+        paused = true;
+    }
+
+    function resume() external onlyOwner {
+        require(paused);
+        paused = false;
+    }
+
+}