From e4f9f24792bdedbb516a475937cef24bc353756c Mon Sep 17 00:00:00 2001 From: debris Date: Tue, 24 Oct 2017 13:23:17 +0800 Subject: [PATCH] check ForeignBridge transfer() overflow --- contracts/Authorities.bin | 2 +- contracts/ForeignBridge.bin | 2 +- contracts/HomeBridge.bin | 2 +- contracts/Signer.bin | 2 +- contracts/SignerTest.bin | 2 +- contracts/Utils.bin | 2 +- contracts/bridge.sol | 2 ++ truffle/test/foreign.js | 44 ++++++++++++++++++++++++++++++++++++- 8 files changed, 51 insertions(+), 7 deletions(-) diff --git a/contracts/Authorities.bin b/contracts/Authorities.bin index 7b58ec6..0afd059 100644 --- a/contracts/Authorities.bin +++ b/contracts/Authorities.bin @@ -1 +1 @@ -60606040523415600e57600080fd5b603580601b6000396000f3006060604052600080fd00a165627a7a723058201dad5c43bba0bffc89ca5cf275cee04095a323df75058b9e5cfb736e54381f790029 \ No newline at end of file +60606040523415600e57600080fd5b603580601b6000396000f3006060604052600080fd00a165627a7a723058204bf4d2e61d7c2ef77bafcb00f90ad3edc7c14ae1e5f6b5b77b535347a1e649050029 \ No newline at end of file diff --git a/contracts/ForeignBridge.bin b/contracts/ForeignBridge.bin index 612efa6..aa95bd7 100644 --- a/contracts/ForeignBridge.bin +++ b/contracts/ForeignBridge.bin 
@@ -1 +1 @@ -606060405234156200001057600080fd5b604051620016a3380380620016a383398101604052808051906020019091908051820191905050600082141515156200004857600080fd5b805182111515156200005957600080fd5b8160008190555080600190805190602001906200007892919062000081565b50505062000156565b828054828255906000526020600020908101928215620000fd579160200282015b82811115620000fc5782518260006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555091602001919060010190620000a2565b5b5090506200010c919062000110565b5090565b6200015391905b808211156200014f57600081816101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690555060010162000117565b5090565b90565b61153d80620001666000396000f3006060604052361561008c576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680631812d9961461009157806326b3293f1461013a57806327e235e314610189578063490a32c6146101d6578063494503d414610276578063630cea8e146102d95780638d06804314610379578063e1ad1162146103a2575b600080fd5b341561009c57600080fd5b6100bf6004808035600019169060200190919080359060200190919050506103ef565b6040518080602001828103825283818151815260200191508051906020019080838360005b838110156100ff5780820151818401526020810190506100e4565b50505050905090810190601f16801561012c5780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b341561014557600080fd5b610187600480803573ffffffffffffffffffffffffffffffffffffffff16906020019091908035906020019091908035600019169060200190919050506104ce565b005b341561019457600080fd5b6101c0600480803573ffffffffffffffffffffffffffffffffffffffff16906020019091905050610800565b6040518082815260200191505060405180910390f35b34156101e157600080fd5b6101fb600480803560001916906020019091905050610818565b6040518080602001828103825283818151815260200191508051906020019080838360005b8381101561023b578082015181840152602081019050610220565b50505050905090810190601f1680156102685780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b341561028
157600080fd5b61029760048080359060200190919050506108de565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b34156102e457600080fd5b610377600480803590602001908201803590602001908080601f0160208091040260200160405190810160405280939291908181526020018383808284378201915050505050509190803590602001908201803590602001908080601f0160208091040260200160405190810160405280939291908181526020018383808284378201915050505050509190505061091d565b005b341561038457600080fd5b61038c610cea565b6040518082815260200191505060405180910390f35b34156103ad57600080fd5b6103ed600480803573ffffffffffffffffffffffffffffffffffffffff169060200190919080359060200190919080351515906020019091905050610cf0565b005b6103f7611378565b6004600084600019166000191681526020019081526020016000206002018281548110151561042257fe5b90600052602060002090018054600181600116156101000203166002900480601f0160208091040260200160405190810160405280929190818152602001828054600181600116156101000203166002900480156104c15780601f10610496576101008083540402835291602001916104c1565b820191906000526020600020905b8154815290600101906020018083116104a457829003601f168201915b5050505050905092915050565b600061056933600180548060200260200160405190810160405280929190818152602001828054801561055657602002820191906000526020600020905b8160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001906001019080831161050c575b5050505050610ef390919063ffffffff16565b151561057457600080fd5b838383604051808473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff166c0100000000000000000000000002815260140183815260200182600019166000191681526020019350505050604051809103902090506106913360036000846000191660001916815260200190815260200160002080548060200260200160405190810160405280929190818152602001828054801561067e57602002820191906000526020600020905b8160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673fffffffffffffffffffffff
fffffffffffffffff1681526020019060010190808311610634575b5050505050610ef390919063ffffffff16565b15151561069d57600080fd5b60036000826000191660001916815260200190815260200160002080548060010182816106ca919061138c565b9160005260206000209001600033909190916101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff160217905550506000546003600083600019166000191681526020019081526020016000208054905014156107fa5782600260008673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001908152602001600020600082825401925050819055507fe1fffcc4923d04b559f4d29a8bfc6cda04eb5b0d3c460751c2402c5c5cc9109c8484604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a15b50505050565b60026020528060005260406000206000915090505481565b610820611378565b6004600083600019166000191681526020019081526020016000206000018054600181600116156101000203166002900480601f0160208091040260200160405190810160405280929190818152602001828054600181600116156101000203166002900480156108d25780601f106108a7576101008083540402835291602001916108d2565b820191906000526020600020905b8154815290600101906020018083116108b557829003601f168201915b50505050509050919050565b6001818154811015156108ed57fe5b90600052602060002090016000915054906101000a900473ffffffffffffffffffffffffffffffffffffffff1681565b60006109b83360018054806020026020016040519081016040528092919081815260200182805480156109a557602002820191906000526020600020905b8160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001906001019080831161095b575b5050505050610ef390919063ffffffff16565b15156109c357600080fd5b3373ffffffffffffffffffffffffffffffffffffffff166109e48484610f71565b73ffffffffffffffffffffffffffffffffffffffff16141515610a0657600080fd5b60548251141515610a1657600080fd5b816040518082805190602001908083835b602083101515610a4c5780518252602082019150602081019050602083039250610a275
65b6001836020036101000a03801982511681845116808217855250505050505090500191505060405180910390209050610b3033600460008460001916600019168152602001908152602001600020600101805480602002602001604051908101604052809291908181526020018280548015610b1d57602002820191906000526020600020905b8160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019060010190808311610ad3575b5050505050610ef390919063ffffffff16565b151515610b3c57600080fd5b816004600083600019166000191681526020019081526020016000206000019080519060200190610b6e9291906113b8565b506004600082600019166000191681526020019081526020016000206001018054806001018281610b9f919061138c565b9160005260206000209001600033909190916101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff160217905550506004600082600019166000191681526020019081526020016000206002018054806001018281610c1e9190611438565b916000526020600020900160008590919091509080519060200190610c449291906113b8565b5050600054600460008360001916600019168152602001908152602001600020600101805490501415610ce5577feb043d149eedb81369bec43d4c3a3a53087debc88d2525f13bfaa3eecda28b5c3382604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200182600019166000191681526020019250505060405180910390a15b505050565b60005481565b81600260003373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020016000205410151515610d3e57600080fd5b81600260003373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001908152602001600020600082825403925050819055508015610e01577f884edad9ce6fa2440d8a54cc123490eb96d2768479d49ff9c7366125a94243648383604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1610eee565b81600260008573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1
68152602001908152602001600020600082825401925050819055507fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef338484604051808473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001828152602001935050505060405180910390a15b505050565b600080600090505b8351811015610f65578273ffffffffffffffffffffffffffffffffffffffff168482815181101515610f2957fe5b9060200190602002015173ffffffffffffffffffffffffffffffffffffffff161415610f585760019150610f6a565b8080600101915050610efb565b600091505b5092915050565b60008060008060418651141515610f8757600080fd5b6020860151925060408601519150606086015190506001610fa786611059565b827f010000000000000000000000000000000000000000000000000000000000000090048585604051600081526020016040526000604051602001526040518085600019166000191681526020018460ff1660ff16815260200183600019166000191681526020018260001916600019168152602001945050505050602060405160208103908084039060008661646e5a03f1151561104557600080fd5b505060206040510351935050505092915050565b6000611063611378565b6040805190810160405280601a81526020017f19457468657265756d205369676e6564204d6573736167653a0a0000000000008152509050806110a684516111b9565b846040518084805190602001908083835b6020831015156110dc57805182526020820191506020810190506020830392506110b7565b6001836020036101000a03801982511681845116808217855250505050505090500183805190602001908083835b60208310151561112f578051825260208201915060208101905060208303925061110a565b6001836020036101000a03801982511681845116808217855250505050505090500182805190602001908083835b602083101515611182578051825260208201915060208101905060208303925061115d565b6001836020036101000a03801982511681845116808217855250505050505090500193505050506040518091039020915050919050565b6111c1611464565b6111c9611378565b6000806111d4611378565b600060086040518059106111e55750595b90808252806020026020018201604052509450600093505b60008714151561129457600a8781151561121357fe5b069250600a87811
51561122257fe5b049650826030017f010000000000000000000000000000000000000000000000000000000000000002858580600101965081518110151561125f57fe5b9060200101907effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1916908160001a9053506111fd565b836040518059106112a25750595b90808252806020026020018201604052509150600090505b8381101561136b57846001828603038151811015156112d557fe5b9060200101517f010000000000000000000000000000000000000000000000000000000000000090047f010000000000000000000000000000000000000000000000000000000000000002828281518110151561132e57fe5b9060200101907effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1916908160001a90535080806001019150506112ba565b8195505050505050919050565b602060405190810160405280600081525090565b8154818355818115116113b3578183600052602060002091820191016113b29190611478565b5b505050565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f106113f957805160ff1916838001178555611427565b82800160010185558215611427579182015b8281111561142657825182559160200191906001019061140b565b5b5090506114349190611478565b5090565b81548183558181151161145f5781836000526020600020918201910161145e919061149d565b5b505050565b602060405190810160405280600081525090565b61149a91905b8082111561149657600081600090555060010161147e565b5090565b90565b6114c691905b808211156114c257600081816114b991906114c9565b506001016114a3565b5090565b90565b50805460018160011615610100020316600290046000825580601f106114ef575061150e565b601f01602090049060005260206000209081019061150d9190611478565b5b505600a165627a7a72305820149bfeb01e760dc8ac7555de9a7cc34f8b5a0f75fdda6d5021765696d04e0b7f0029 \ No newline at end of file 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 \ No newline at end of file diff --git a/contracts/HomeBridge.bin b/contracts/HomeBridge.bin index 2fd0551..6af681f 100644 --- a/contracts/HomeBridge.bin +++ b/contracts/HomeBridge.bin 
@@ -1 +1 @@ -6060604052341561000f57600080fd5b604051610b92380380610b92833981016040528080519060200190919080518201919050506000821415151561004457600080fd5b8051821115151561005457600080fd5b816000819055508060019080519060200190610071929190610079565b505050610146565b8280548282559060005260206000209081019282156100f2579160200282015b828111156100f15782518260006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555091602001919060010190610099565b5b5090506100ff9190610103565b5090565b61014391905b8082111561013f57600081816101000a81549073ffffffffffffffffffffffffffffffffffffffff021916905550600101610109565b5090565b90565b610a3d806101556000396000f30060606040523615610055576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff168063494503d4146100c25780638d068043146101255780639ce318f61461014e575b7fe1fffcc4923d04b559f4d29a8bfc6cda04eb5b0d3c460751c2402c5c5cc9109c3334604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1005b34156100cd57600080fd5b6100e3600480803590602001909190505061026b565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b341561013057600080fd5b6101386102aa565b6040518082815260200191505060405180910390f35b341561015957600080fd5b610269600480803590602001908201803590602001908080602002602001604051908101604052809392919081815260200183836020028082843782019150505050505091908035906020019082018035906020019080806020026020016040519081016040528093929190818152602001838360200280828437820191505050505050919080359060200190820180359060200190808060200260200160405190810160405280939291908181526020018383602002808284378201915050505050509190803590602001908201803590602001908080601f016020809104026020016040519081016040528093929190818152602001838380828437820191505050505050919050506102b0565b005b60018181548110151561027a57fe5b90600052602060002090016000915054906
101000a900473ffffffffffffffffffffffffffffffffffffffff1681565b60005481565b60008060008686868660006102c36109d5565b6000806102cf85610638565b93506000546040518059106102e15750595b9080825280602002602001820160405250925087516000541115151561030657600080fd5b600091505b6000548210156104fe57600184898481518110151561032657fe5b90602001906020020151898581518110151561033e57fe5b90602001906020020151898681518110151561035657fe5b90602001906020020151604051600081526020016040526000604051602001526040518085600019166000191681526020018460ff1660ff16815260200183600019166000191681526020018260001916600019168152602001945050505050602060405160208103908084039060008661646e5a03f115156103d857600080fd5b505060206040510351905061047c81600180548060200260200160405190810160405280929190818152602001828054801561046957602002820191906000526020600020905b8160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001906001019080831161041f575b505050505061079890919063ffffffff16565b151561048757600080fd5b61049a818461079890919063ffffffff16565b1515156104a657600080fd5b8083838151811015156104b557fe5b9060200190602002019073ffffffffffffffffffffffffffffffffffffffff16908173ffffffffffffffffffffffffffffffffffffffff1681525050818060010192505061030b565b60208c01519a5060408c0151995060608c01519850600260008a6000191660001916815260200190815260200160002060009054906101000a900460ff1615151561054857600080fd5b6001600260008b6000191660001916815260200190815260200160002060006101000a81548160ff0219169083151502179055508a73ffffffffffffffffffffffffffffffffffffffff166108fc8b9081150290604051600060405180830381858888f1935050505015156105bc57600080fd5b7f884edad9ce6fa2440d8a54cc123490eb96d2768479d49ff9c7366125a94243648b8b604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1505050505050505050505050505050565b60006106426109e9565b6040805190810160405280601a81526020017f19457468657265756d205369676e6564204d6573736167653a0a000000000
0008152509050806106858451610816565b846040518084805190602001908083835b6020831015156106bb5780518252602082019150602081019050602083039250610696565b6001836020036101000a03801982511681845116808217855250505050505090500183805190602001908083835b60208310151561070e57805182526020820191506020810190506020830392506106e9565b6001836020036101000a03801982511681845116808217855250505050505090500182805190602001908083835b602083101515610761578051825260208201915060208101905060208303925061073c565b6001836020036101000a03801982511681845116808217855250505050505090500193505050506040518091039020915050919050565b600080600090505b835181101561080a578273ffffffffffffffffffffffffffffffffffffffff1684828151811015156107ce57fe5b9060200190602002015173ffffffffffffffffffffffffffffffffffffffff1614156107fd576001915061080f565b80806001019150506107a0565b600091505b5092915050565b61081e6109fd565b6108266109e9565b6000806108316109e9565b600060086040518059106108425750595b90808252806020026020018201604052509450600093505b6000871415156108f157600a8781151561087057fe5b069250600a8781151561087f57fe5b049650826030017f01000000000000000000000000000000000000000000000000000000000000000285858060010196508151811015156108bc57fe5b9060200101907effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1916908160001a90535061085a565b836040518059106108ff5750595b90808252806020026020018201604052509150600090505b838110156109c8578460018286030381518110151561093257fe5b9060200101517f010000000000000000000000000000000000000000000000000000000000000090047f010000000000000000000000000000000000000000000000000000000000000002828281518110151561098b57fe5b9060200101907effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1916908160001a9053508080600101915050610917565b8195505050505050919050565b602060405190810160405280600081525090565b602060405190810160405280600081525090565b6020604051908101604052806000815250905600a165627a7a72305820205cdebb5e1c84e9ca98ebd2452291cdae46a6cb01be946904b31cb3fa7b3e320029 \ No newline at end of file 
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
\ No newline at end of file
diff --git a/contracts/Signer.bin b/contracts/Signer.bin
index e9980ea..fd51b43 100644
--- a/contracts/Signer.bin
+++ b/contracts/Signer.bin
@@ -1 +1 @@
-60606040523415600e57600080fd5b603580601b6000396000f3006060604052600080fd00a165627a7a723058204971c18e0e1ddf69fded6644effcdb50c80ccc6d5a8aa81fe9fbfa53e1b68d100029
\ No newline at end of file
+60606040523415600e57600080fd5b603580601b6000396000f3006060604052600080fd00a165627a7a723058200fec83d497c5208128bec78c672d8aac3fed9559fdefa94abd436d5f580c9f1b0029
\ No newline at end of file
diff --git a/contracts/SignerTest.bin b/contracts/SignerTest.bin
index 66a4b7e..abe643b 100644
--- a/contracts/SignerTest.bin
+++ b/contracts/SignerTest.bin
@@ -1 +1 @@
-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
\ No newline at end of file
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
\ No newline at end of file
diff --git a/contracts/Utils.bin b/contracts/Utils.bin
index 5b32949..dbc24a1 100644
--- a/contracts/Utils.bin
+++ b/contracts/Utils.bin
@@ -1 +1 @@
-60606040523415600e57600080fd5b603580601b6000396000f3006060604052600080fd00a165627a7a723058200905d3e14b8b5697c0ffc99aac06fac68a87f03b29568419dadf089de31f7f130029
\ No newline at end of file
+60606040523415600e57600080fd5b603580601b6000396000f3006060604052600080fd00a165627a7a723058206d3f7e0a9ebbb56a42cb01b951446e2f5b7c560091f52168a8f74d141b66f70a0029
\ No newline at end of file
diff --git a/contracts/bridge.sol b/contracts/bridge.sol
index d26f085..2eb27e5 100644
--- a/contracts/bridge.sol
+++ b/contracts/bridge.sol
@@ -216,6 +216,8 @@ contract ForeignBridge {
 /// Used to transfer money between accounts
 function transfer (address recipient, uint value, bool externalTransfer) {
 require(balances[msg.sender] >= value);
+ // fails if value == 0, or if there is an overflow
+ require(balances[recipient] + value > balances[recipient]);
 balances[msg.sender] -= value;
 if (externalTransfer) {
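Review bot: The added `require(balances[recipient] + value > balances[recipient]);` sits above `if (externalTransfer) {`, so it gates both paths on the recipient's balance on this chain, and it folds the zero-value rejection and the overflow check into a single condition. The body of the external branch is outside this hunk; if that branch does not credit `balances[recipient]`, the overflow test is only needed on the internal path, and a withdrawal should not depend on the recipient's foreign-side balance. I would state the two conditions separately, `require(value > 0);` and `require(balances[recipient] + value >= balances[recipient]);`, and place the second directly before the statement that credits the recipient. Any other function that adds to `balances` is not visible here and should be checked for the same unchecked addition.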
diff --git a/truffle/test/foreign.js b/truffle/test/foreign.js
index 479d764..4b4d762 100644
--- a/truffle/test/foreign.js
+++ b/truffle/test/foreign.js
@@ -164,6 +164,49 @@ contract('ForeignBridge', function(accounts) {
 })
 })

+ it("should fail to transfer 0 value", function() {
+ var meta;
+ var requiredSignatures = 1;
+ var authorities = [accounts[0], accounts[1]];
+ var user_account = accounts[2];
+ var user_account2 = accounts[3];
+ var value = web3.toWei(3, "ether");
+ var value2 = web3.toWei(0, "ether");
+ var hash = "0xe55bb43c36cdf79e23b4adc149cdded921f0d482e613c50c6540977c213bc408";
+ return ForeignBridge.new(requiredSignatures, authorities).then(function(instance) {
+ meta = instance;
+ return meta.deposit(user_account, value, hash, { from: authorities[0] });
+ }).then(function(result) {
+ return meta.transfer(user_account2, value2, false, { from: user_account });
+ }).then(function(result) {
+ assert(false, "Transfer of value 0 should fail");
+ }, function (err) {
+ })
+ })
+
+ it("should fail to transfer with value overflow", function() {
+ var meta;
+ var requiredSignatures = 1;
+ var authorities = [accounts[0], accounts[1]];
+ var user_account = accounts[2];
+ var user_account2 = accounts[3];
+ var value = web3.toWei("0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", "wei");
+ var value2 = web3.toWei(1, "wei");
+ var hash = "0xe55bb43c36cdf79e23b4adc149cdded921f0d482e613c50c6540977c213bc408";
+ return ForeignBridge.new(requiredSignatures, authorities).then(function(instance) {
+ meta = instance;
+ return Promise.all([
+ meta.deposit(user_account, value, hash, { from: authorities[0] }),
+ meta.deposit(user_account2, value2, hash, { from: authorities[0] }),
+ ])
+ }).then(function(result) {
+ return meta.transfer(user_account2, value, false, { from: user_account });
+ }).then(function(result) {
+ assert(false, "Transfer with overflow should fail");
+ }, function (err) {
+ })
+ })
+
 it("should allow user to trigger withdraw", function() {
 var meta;
 var requiredSignatures = 1;
@@ -385,5 +428,4 @@ contract('ForeignBridge', function(accounts) {
 // nothing
 })
 })
-
 })
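Review bot: Both new tests end in `}, function (err) { })`, an empty rejection handler on the last `.then`, which also receives rejections from `ForeignBridge.new` and `deposit`, so either test passes when setup fails and the new `require` in `transfer()` is never reached. Attach the expectation to the transfer call itself, `return meta.transfer(user_account2, value2, false, { from: user_account }).then(function() { assert(false, "Transfer of value 0 should fail"); }, function(err) { /* expected rejection */ });`, and drop the trailing two-handler `.then` so setup errors reach the test runner; the overflow test needs the same change. Neither test reads the balances afterwards, so nothing confirms that a rejected transfer left both accounts unchanged.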