I need to analyze blocks and txs to find if there is a transfer ETH to address from my list. When some user makes a direct transfer it is clear, I can check to parameter of the transaction. But sometimes users execute smart contracts which transfer ETH to address from my list, in this case to is the address of the smart contract, so I can't match it with my list. Is there a way to handle such cases?
If you mean something like an "internal tx" of a forwarding contract like this example. Which does a value call (address.call()()). Then there is no way of knowing the final destination with tracing the transaction. Alternatively some contracts could emit an event or in the case of forwarding contracts, you could read the 'parentAddress' set during contract init.
Etherscan parses the trace for you so you can see those internal transfers afaik (see example above).
Related
I want to build a smart contract function, which use caller's password as params.
I have no knowledge about blockchain security, so I ask the following question:
When calling a smart contract function, do the params record on blockchain?
Further more, what information will record in blockchain if an address calls a function of a smart contract?
I think the logs emit by the events must record on blockchain, besides these, anything more?
I've learned before that a contract address calling leaves logs on blockchain, but an account address(EOA) calling doesn't. Is it true?
Function parameters are part of the transaction, which is part of the calldata. So calldata is also persisted. Eventhough it is persisted, that doesn't mean it is easily available. Calldata is not indexed, and is not available at runtime. But the data is available to the nodes (for sure to those who runs full node, not sure about the light nodes).
Calldata can be accessed by running a localnode, which means it is not available for any functions at runtime, the only calldata that is available at runtime is the parameters for that particular transaction.
So, if you call a function with a password parameter, someone somewhere can see it for sure.
If you are using the ERC-721 standard, what is the prefer method determining which tokens the address owns in a DAPP.
Currently I'm request all the Transfer Events for an address and basically sorting them into transfer in and transfer out, and then using that to determine which tokens the user owns.
Is there a simpler way I missed.
Transfer events may be emitted also by contracts that are not ERC-721 tokens, or some noname tokens that you might not be interested in.
The actual token ownership is stored in the tokens contracts (and not the DAPP contract).
So your current approach is pretty much as straightforward as it can get, if you want to automatically keep track of all tokens that the address currently owns (and some false positives as well).
Note: This is also similar to the approach of Etherscan, which listens to all Transfer event logs and if the sender contract is listed in their database of tokens, they use the event log data to update balances of the sender and recipient.
If you're willing/able to create and maintain a list of tokens that you want to follow, I'd recommend a simpler approach:
Define the list of followed token contract addresses (e.g. ECF or RARI)
For each of these token contracts, call balanceOf(<your_dapp_address>) that returns amount of tokens that the <your_dapp_address> currently owns.
I do not have much experience with Solidity programming. I want to create a smart contract for a new digital asset, say Cryptodoggies. I want to know if there is a way to prevent users from being able to resell/transfer their cryptodoggies.
You could have a variable (boolean I think would be more suitable) on your contract and use it in an access modifier for the transfer function so that the transfer function would require for this variable to be true. Then by making this variable false (by a function accessible only to you) you can stop users from transferring coins. Of course, this modifier would have to be used for every function that enables users to transfer tokens.
It would be something like that pausable ERC-20 from openzeppelin. You can find it here.
So from my understanding when creating a contract the two variables that are used in determining what the address of the contract will be are the msg.sender and the nonce value. So if I create two contracts in the same transaction such as I did with this code https://ropsten.etherscan.io/address/0xcb7d7e99e56406a675173f0ddbde7d8cc3392e5e#code
Why did it generate two contracts at two different addresses, what I though would happen is that they would generate at the same address and the one would simply overwrite the other or something like that.
You're understanding of the contract address determined by the address of the message creator and the nonce is correct. However, in the example you posted, msg.sender is the address of the Test contract.
These are the steps that occured:
You initiated the transaction to deploy Test from your external account (0x98081ce968e5643c15de9c024de96b18be8e5ace). According to the transaction information, the nonce of the account at that time was 639.
This resulted in the Test contract having an address of 0xcb7d7e99e56406a675173f0ddbde7d8cc3392e5e.
During the deployment of Test, the constructor then creates two new contracts through "internal transactions". Divert is deployed from the contract address at 0xcb7d7e99e56406a675173f0ddbde7d8cc3392e5e with nonce=1. OverRide is deployed from the same address with nonce=2.
You can view the details of the internal transaction here.
Currently I'm trying to learn ethereum and smart contract. I read this tutorial: Dapps for beginners
I'm just wondering now, if I have to call everytime a function from a contract (as in the tutorial above) or is it possible that a specific function is executed when I just transfer some ethereum to that contract address?
Example:
I execute the code below, and the receiver address is also a address with a contract. One specific function should now be executed at the receiver function.
eth.sendTransaction({from:sender, to:receiver, value: amount})
You should create a nameless payable function in your smart contract.
This will then be the default function to execute if someone sends a raw transaction at your contract's address.
function() payable public {
}
Also, the other answer here states that you need to know the contract ABI to communicate with contracts but this is not true.
You need to know the contract address, the function name and the input and output parameter types. (You could use Web3's method.call or method.sendTransaction to send the encoded data in the transaction object and interact with the contract.)
The ABI may have this information, but the ABI is not required itself.
You can only communicate with contracts if you know the ABI which is the application binary interface.
In general, an ABI is the interface between two program modules, one of which is often at the level of machine code. The interface is the de facto method for encoding/decoding data into/out of the machine code. In ethereum, it's basicly how you can encode solidity contracts for the EVM and backwards how to read the data out of transactions.
If you have the JSON ABI of a contract, you still have to decide if you want to make calls or transactions. The difference between a call and a transaction is the following:
Transactions are created by your client, signed and broadcasted to the network. They will eventually alter the state of the blockchain, e.g., by manipulating balances or values in smart contracts.
Calls are only executed locally on your computer and not broadcasted to the network, e.g., a dry run.
Calls are usefull for debugging smart contracts as they do not cost transaction fees or gas.
So if you only send a transaction to a contract without using any interface, you wont be able to execute any code on the contract.