From c87433e0c242f922d37d28710ced32584b561234 Mon Sep 17 00:00:00 2001
From: Aniket <30843294+Aniket-Engg@users.noreply.github.com>
Date: Wed, 3 Oct 2018 21:20:01 +0530
Subject: [PATCH] Prevents Bounty from being claimed twice (#1374)

* signing prefix added

* Minor improvement

* Tests changed

* Successfully tested

* Minor improvements

* Minor improvements

* Revert "Dangling commas are now required. (#1359)"

This reverts commit a6889776f46adca374b6ebf014aa7b0038112a9d.

* updates

* fixes #1356

* Removed extra semicolon.
---
 contracts/bounties/BreakInvariantBounty.sol | 1 +
 test/BreakInvariantBounty.test.js           | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/contracts/bounties/BreakInvariantBounty.sol b/contracts/bounties/BreakInvariantBounty.sol
index 016d3f2f5..6fd3b6e67 100644
--- a/contracts/bounties/BreakInvariantBounty.sol
+++ b/contracts/bounties/BreakInvariantBounty.sol
@@ -45,6 +45,7 @@ contract BreakInvariantBounty is PullPayment, Ownable {
    * @param target contract
    */
   function claim(Target target) public {
+    require(!_claimed);
     address researcher = _researchers[target];
     require(researcher != address(0));
     // Check Target contract invariants
diff --git a/test/BreakInvariantBounty.test.js b/test/BreakInvariantBounty.test.js
index ff8e0f7bd..50ae96aaa 100644
--- a/test/BreakInvariantBounty.test.js
+++ b/test/BreakInvariantBounty.test.js
@@ -90,6 +90,10 @@ contract('BreakInvariantBounty', function ([_, owner, researcher, anyone, nonTar
             it('no longer accepts rewards', async function () {
               await assertRevert(ethSendTransaction({ from: owner, to: this.bounty.address, value: reward }));
             });
+
+            it('reverts when reclaimed', async function () {
+              await assertRevert(this.bounty.claim(this.target.address, { from: researcher }));
+            });
           });
         });
       });