I do not have much experience with Solidity programming. I want to create a smart contract for a new digital asset, say Cryptodoggies. I want to know if there is a way to prevent users from being able to resell/transfer their cryptodoggies.
You could have a variable (boolean I think would be more suitable) on your contract and use it in an access modifier for the transfer function so that the transfer function would require for this variable to be true. Then by making this variable false (by a function accessible only to you) you can stop users from transferring coins. Of course, this modifier would have to be used for every function that enables users to transfer tokens.
It would be something like that pausable ERC-20 from openzeppelin. You can find it here.
Related
I want to build a smart contract function, which use caller's password as params.
I have no knowledge about blockchain security, so I ask the following question:
When calling a smart contract function, do the params record on blockchain?
Further more, what information will record in blockchain if an address calls a function of a smart contract?
I think the logs emit by the events must record on blockchain, besides these, anything more?
I've learned before that a contract address calling leaves logs on blockchain, but an account address(EOA) calling doesn't. Is it true?
Function parameters are part of the transaction, which is part of the calldata. So calldata is also persisted. Eventhough it is persisted, that doesn't mean it is easily available. Calldata is not indexed, and is not available at runtime. But the data is available to the nodes (for sure to those who runs full node, not sure about the light nodes).
Calldata can be accessed by running a localnode, which means it is not available for any functions at runtime, the only calldata that is available at runtime is the parameters for that particular transaction.
So, if you call a function with a password parameter, someone somewhere can see it for sure.
I'm building a DeFi application on Ethereum, and I would like to implement the Deposit function. Everything works fine between ETH and a ERC20 token that I built, but I would like to add some tokens like aToken for AAVE or cTokens for Compound that the user will receive after a Deposit call.
So the question is: is it possible to add a function in my smart contract to create multiple tokens without creating a smart contract for each of them? If not, I have to create a different contract for each token I want to add in my app or there is a best method to do it?
Yes this is possible. You can transfer the tokens to the user's address after the Compound Protocol mint operation. This can be made generic using the ERC-20 transfer interface. Be sure to account the amounts users are due and beware of the reentrancy vulnerability.
If you are using the ERC-721 standard, what is the prefer method determining which tokens the address owns in a DAPP.
Currently I'm request all the Transfer Events for an address and basically sorting them into transfer in and transfer out, and then using that to determine which tokens the user owns.
Is there a simpler way I missed.
Transfer events may be emitted also by contracts that are not ERC-721 tokens, or some noname tokens that you might not be interested in.
The actual token ownership is stored in the tokens contracts (and not the DAPP contract).
So your current approach is pretty much as straightforward as it can get, if you want to automatically keep track of all tokens that the address currently owns (and some false positives as well).
Note: This is also similar to the approach of Etherscan, which listens to all Transfer event logs and if the sender contract is listed in their database of tokens, they use the event log data to update balances of the sender and recipient.
If you're willing/able to create and maintain a list of tokens that you want to follow, I'd recommend a simpler approach:
Define the list of followed token contract addresses (e.g. ECF or RARI)
For each of these token contracts, call balanceOf(<your_dapp_address>) that returns amount of tokens that the <your_dapp_address> currently owns.
When I publish a new smart contract to the Ethereum blockchain, I want to notify another contract about it.
Is there any option to do that? For example, to send transaction automatically when contract reaches the blockchain.
No, but Yes.
It wouldn't be possible to notify a contract about any contract created, and I don't see an obvious way to notify about all contracts created by a specific user.
But, there's a way to notify a contract about all instances of a certain species of contract. I suspect this is a reasonable assumption, because the interested contract is probably only interested in a certain type(s) of contract.
You would implement a factory pattern and get it to deploy the instances. The function that does the deployment would be responsible for required notifications.
Hope it helps.
So lets call E your existing contract. Ensure it has a method that we can call notify for instance. When you create your new contract, from the constructor (called when it gets deployed) then call the notify method of E.
Currently I'm trying to learn ethereum and smart contract. I read this tutorial: Dapps for beginners
I'm just wondering now, if I have to call everytime a function from a contract (as in the tutorial above) or is it possible that a specific function is executed when I just transfer some ethereum to that contract address?
Example:
I execute the code below, and the receiver address is also a address with a contract. One specific function should now be executed at the receiver function.
eth.sendTransaction({from:sender, to:receiver, value: amount})
You should create a nameless payable function in your smart contract.
This will then be the default function to execute if someone sends a raw transaction at your contract's address.
function() payable public {
}
Also, the other answer here states that you need to know the contract ABI to communicate with contracts but this is not true.
You need to know the contract address, the function name and the input and output parameter types. (You could use Web3's method.call or method.sendTransaction to send the encoded data in the transaction object and interact with the contract.)
The ABI may have this information, but the ABI is not required itself.
You can only communicate with contracts if you know the ABI which is the application binary interface.
In general, an ABI is the interface between two program modules, one of which is often at the level of machine code. The interface is the de facto method for encoding/decoding data into/out of the machine code. In ethereum, it's basicly how you can encode solidity contracts for the EVM and backwards how to read the data out of transactions.
If you have the JSON ABI of a contract, you still have to decide if you want to make calls or transactions. The difference between a call and a transaction is the following:
Transactions are created by your client, signed and broadcasted to the network. They will eventually alter the state of the blockchain, e.g., by manipulating balances or values in smart contracts.
Calls are only executed locally on your computer and not broadcasted to the network, e.g., a dry run.
Calls are usefull for debugging smart contracts as they do not cost transaction fees or gas.
So if you only send a transaction to a contract without using any interface, you wont be able to execute any code on the contract.