Comments (6)
@jaglinux this is only one way to force ether into the contract. There are other ways that bypass the nonpayable
__default__
feature. You can force ether into a contract using selfdestruct
(since the destination account code - in this case the BatchDistributor
code - is not executed), or you can set the address of the BatchDistributor
as your coinbase
address (i.e. the fee recipient of your staking rewards) - also in this case the ether is forced into the contract. The third possibility would be, that you deploy the BatchDistributor
via CREATE2
. In that case, you can pre-compute the address where BatchDistributor
will be deployed, send there some ether, and deploy BatchDistributor
thereafter. Tada, you got some excess ether locked. As you can see there are plenty of use cases that cannot be prevented at all, and if people force ether into this contract for any weird reason, the first calling distribute_ether
will receive some excess ether. I don't think this justifies the additional costs of opcodes tracking total
. Therefore, I will close this issue.
from snekmate.
Thanks for the explanation ! appreciate this is captured in codebase.
from snekmate.
There is no such case as excess tokens for distribute_token
since this works differently as for msg.value
. There is no native way to handle tokens in the EVM! First you have to approve the amount you want to transfer and thereafter the exact amount is transferred via transferFrom
during the distribute_token
function call. Only if all tokens are distributed, the call will succeed. You don't send tokens directly to the contract but it's a combination of approve
and distribute_token
.
from snekmate.
Yeah, missed the "total" variable. It ensures that correct token amount is used in transferFrom
and hence no excessive tokens are transferred.
from snekmate.
To keep the implementation same across the 2 functions,
"Caller gets exact eth refund and not the whole contract balance."
diff --git a/src/utils/BatchDistributor.vy b/src/utils/BatchDistributor.vy
index 27fec25..13238d1 100644
--- a/src/utils/BatchDistributor.vy
+++ b/src/utils/BatchDistributor.vy
@@ -51,14 +51,16 @@ def distribute_ether(data: Batch):
of tuples that contain each a recipient address &
ether amount in wei.
"""
+ total: uint256 = empty(uint256)
for txn in data.txns:
# A low-level call is used to guarantee compatibility
# with smart contract wallets. As a general pre-emptive
# safety measure, a reentrancy guard is used.
raw_call(txn.recipient, b"", value=txn.amount)
+ total += txn.amount
- if (self.balance != empty(uint256)):
- raw_call(msg.sender, b"", value=self.balance)
+ if (msg.value != total):
+ raw_call(msg.sender, b"", value=msg.value - total)
Contract can have more balance if ether is accidentally sent in constructor. Thats the only possible case.
Default function prevents unwanted donation anyways.
https://vyper.readthedocs.io/en/stable/control-structures.html?highlight=__default__#the-default-function
Just as in Solidity, Vyper generates a default function if one isnβt found, in the form of a REVERT call. Note that this still generates an exception and thus will not succeed in receiving funds.
This is an edge case (ether is accidentally sent in constructor), we can ignore it. Based on reply, I will close the issue.
from snekmate.
In order to reflect this discussion in the codebase, I quickly added a comment via d2d8b9b.
from snekmate.
Related Issues (20)
- π₯ Implement Ternary Operator
- β»οΈ Fix `implements` Interfaces `ERC20Detailed`, `IERC721Metadata`, and `ERC4626` HOT 1
- π·ββοΈ Implement CI Tests for User Documentation `userdoc` and Developer Documentation `devdoc` HOT 2
- π Add NatSpec Field `@custom:contract-name`
- π₯ `ERC-2981` (NFT Royalty Standard) Implementation HOT 10
- β»οΈ Make Test Suite Compatible With Foundry `v1.0` HOT 2
- π Upgrade to Solidity Version `0.8.21` HOT 4
- π₯ Implement `deployBlueprint` Function in `VyperDeployer` Utility Function HOT 3
- π Upgrade to Vyper Version `0.3.10`
- β»οΈ Remove `increase_allowance` and `decrease_allowance` from `ERC20` and `ERC4626`
- π Upgrade to Solidity Version `0.8.22`
- π₯ `ERC-4337` Functionalities
- π₯ Add `P256Verifier` to π snekmate
- π₯ Vyper-Based Multisig Wallet HOT 5
- π₯ `Governor` Contract
- π₯ `TimelockController` Contract HOT 1
- π·ββοΈ Add Slither to CI Pipeline
- π₯ Integrate π snekmate Contracts with Halmos
- π Upgrade Solidity Version to `0.8.23`
- π₯ Amend `stateful` (a.k.a. `invariant`) Tests
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from snekmate.