Removed BreakInvariantBounty.

contracts/drafts/BreakInvariantBounty.sol

-pragma solidity ^0.4.24;
-
-
-import "../Initializable.sol";
-import "../payment/PullPayment.sol";
-import "../ownership/Ownable.sol";
-
-
-/**
- * @title BreakInvariantBounty
- * @dev This bounty will pay out to a researcher if they break invariant logic of the contract.
- */
-contract BreakInvariantBounty is Initializable, PullPayment, Ownable {
-  bool private _claimed;
-  mapping(address => address) private _researchers;
-
-  event TargetCreated(address createdAddress);
-
-  function initialize(address sender) public initializer {
-    PullPayment.initialize();
-    Ownable.initialize(sender);
-  }
-
-  /**
-   * @dev Fallback function allowing the contract to receive funds, if they haven't already been claimed.
-   */
-  function() external payable {
-    require(!_claimed);
-  }
-
-  /**
-   * @dev Determine if the bounty was claimed.
-   * @return true if the bounty was claimed, false otherwise.
-   */
-  function claimed() public view returns(bool) {
-    return _claimed;
-  }
-
-  /**
-   * @dev Create and deploy the target contract (extension of Target contract), and sets the
-   * msg.sender as a researcher
-   * @return A target contract
-   */
-  function createTarget() public returns(Target) {
-    Target target = Target(_deployContract());
-    _researchers[target] = msg.sender;
-    emit TargetCreated(target);
-    return target;
-  }
-
-  /**
-   * @dev Transfers the contract funds to the researcher that proved the contract is broken.
-   * @param target contract
-   */
-  function claim(Target target) public {
-    require(!_claimed);
-    address researcher = _researchers[target];
-    require(researcher != address(0));
-    // Check Target contract invariants
-    require(!target.checkInvariant());
-    _asyncTransfer(researcher, address(this).balance);
-    _claimed = true;
-  }
-
-  /**
-   * @dev Transfers the current balance to the owner and terminates the contract.
-   */
-  function destroy() public onlyOwner {
-    selfdestruct(owner());
-  }
-
-  /**
-   * @dev Internal function to deploy the target contract.
-   * @return A target contract address
-   */
-  function _deployContract() internal returns(address);
-
-}
-
-
-/**
- * @title Target
- * @dev Your main contract should inherit from this class and implement the checkInvariant method.
- */
-contract Target {
-
-   /**
-    * @dev Checks all values a contract assumes to be true all the time. If this function returns
-    * false, the contract is broken in some way and is in an inconsistent state.
-    * In order to win the bounty, security researchers will try to cause this broken state.
-    * @return True if all invariant values are correct, false otherwise.
-    */
-  function checkInvariant() public returns(bool);
-}

contracts/mocks/BreakInvariantBountyMock.sol

-pragma solidity ^0.4.24;
-
-// When this line is split, truffle parsing fails.
-// See: https://github.com/ethereum/solidity/issues/4871
-// solium-disable-next-line max-len
-import {BreakInvariantBounty, Target} from "../drafts/BreakInvariantBounty.sol";
-
-
-contract TargetMock is Target {
-  bool private exploited;
-
-  function exploitVulnerability() public {
-    exploited = true;
-  }
-
-  function checkInvariant() public returns (bool) {
-    if (exploited) {
-      return false;
-    }
-
-    return true;
-  }
-}
-
-contract BreakInvariantBountyMock is BreakInvariantBounty {
-  constructor() public {
-    BreakInvariantBounty.initialize(msg.sender);
-  }
-
-  function _deployContract() internal returns (address) {
-    return new TargetMock();
-  }
-}

test/drafts/BreakInvariantBounty.test.js

-const { ethGetBalance, ethSendTransaction } = require('../helpers/web3');
-const expectEvent = require('../helpers/expectEvent');
-const { assertRevert } = require('../helpers/assertRevert');
-
-const BreakInvariantBountyMock = artifacts.require('BreakInvariantBountyMock');
-const TargetMock = artifacts.require('TargetMock');
-
-require('chai')
-  .use(require('chai-bignumber')(web3.BigNumber))
-  .should();
-
-const reward = new web3.BigNumber(web3.toWei(1, 'ether'));
-
-contract('BreakInvariantBounty', function ([_, owner, researcher, anyone, nonTarget]) {
-  beforeEach(async function () {
-    this.bounty = await BreakInvariantBountyMock.new({ from: owner });
-  });
-
-  it('can set reward', async function () {
-    await ethSendTransaction({ from: owner, to: this.bounty.address, value: reward });
-    (await ethGetBalance(this.bounty.address)).should.be.bignumber.equal(reward);
-  });
-
-  context('with reward', function () {
-    beforeEach(async function () {
-      await ethSendTransaction({ from: owner, to: this.bounty.address, value: reward });
-    });
-
-    describe('destroy', function () {
-      it('returns all balance to the owner', async function () {
-        const ownerPreBalance = await ethGetBalance(owner);
-        await this.bounty.destroy({ from: owner, gasPrice: 0 });
-        const ownerPostBalance = await ethGetBalance(owner);
-
-        (await ethGetBalance(this.bounty.address)).should.be.bignumber.equal(0);
-        ownerPostBalance.sub(ownerPreBalance).should.be.bignumber.equal(reward);
-      });
-
-      it('reverts when called by anyone', async function () {
-        await assertRevert(this.bounty.destroy({ from: anyone }));
-      });
-    });
-
-    describe('claim', function () {
-      it('is initially unclaimed', async function () {
-        (await this.bounty.claimed()).should.equal(false);
-      });
-
-      it('can create claimable target', async function () {
-        const { logs } = await this.bounty.createTarget({ from: researcher });
-        expectEvent.inLogs(logs, 'TargetCreated');
-      });
-
-      context('with target', async function () {
-        beforeEach(async function () {
-          const { logs } = await this.bounty.createTarget({ from: researcher });
-          const event = expectEvent.inLogs(logs, 'TargetCreated');
-          this.target = TargetMock.at(event.args.createdAddress);
-        });
-
-        context('before exploiting vulnerability', async function () {
-          it('reverts when claiming reward', async function () {
-            await assertRevert(this.bounty.claim(this.target.address, { from: researcher }));
-          });
-        });
-
-        context('after exploiting vulnerability', async function () {
-          beforeEach(async function () {
-            await this.target.exploitVulnerability({ from: researcher });
-          });
-
-          it('sends the reward to the researcher', async function () {
-            await this.bounty.claim(this.target.address, { from: anyone });
-
-            const researcherPreBalance = await ethGetBalance(researcher);
-            await this.bounty.withdrawPayments(researcher);
-            const researcherPostBalance = await ethGetBalance(researcher);
-
-            researcherPostBalance.sub(researcherPreBalance).should.be.bignumber.equal(reward);
-            (await ethGetBalance(this.bounty.address)).should.be.bignumber.equal(0);
-          });
-
-          context('after claiming', async function () {
-            beforeEach(async function () {
-              await this.bounty.claim(this.target.address, { from: researcher });
-            });
-
-            it('is claimed', async function () {
-              (await this.bounty.claimed()).should.equal(true);
-            });
-
-            it('no longer accepts rewards', async function () {
-              await assertRevert(ethSendTransaction({ from: owner, to: this.bounty.address, value: reward }));
-            });
-
-            it('reverts when reclaimed', async function () {
-              await assertRevert(this.bounty.claim(this.target.address, { from: researcher }));
-            });
-          });
-        });
-      });
-
-      context('with non-target', function () {
-        it('reverts when claiming reward', async function () {
-          await assertRevert(this.bounty.claim(nonTarget, { from: researcher }));
-        });
-      });
-    });
-  });
-});