How ERC20 tokens control access to their functions? - ethereum

Here is my question (basically, I want to know if I am right or mistaken):
First of all, we have standard ERC20:
contract ERC20Interface
{
function transfer(address _to, uint _value) public returns (bool success);
function transferFrom(address _from, address _to, uint _value) public returns (bool success);
function approve(address _spender, uint _value) public returns (bool success);
.....
}
Then, in a CrowdSale, we have a token, derived from it:
contract ICO is Ownable {
...
MyToken public m_token;
...
function ICO() public {
m_token = new MyToken();
...
Then the crowdsale ends. The token with list of all people (addresses) that bought it becomes "free" of crowd sale contract:
function finish() onlyOwner public {
if(goalReached()) {
m_token.transferOwnership(m_addrOwner);
My questions:
1. For this token to be traded on exchanges, I have to somehow provide these exchanges with token's address. Where should I get it?
2. Am I correct? Is it how it supposed to work?
In other words, if a token is a separate contract, passed to ICO contract by address, I can see how exchanges can trade it after the end of crowd sale: they have that same address.
But I see a lot of crowdsales on Etherscan, that create contract internally (like in code snippets above). How do I make it "tradable" after the end of a crowd sale in this case?
Thanks.

Most exchanges will only support your token if they see value in it. You'd have to contact the exchanges and they will evaluate if it's worth it to them based on the demand for your token. Even then, they will most likely ask for payment up front before listing.
For example, Bittrex has their submission process documented here. They offer free listing once you pass their verification process (along with some non-free services). Other exchanges follow a similar process.
The contract address you're looking for that you'd have to provide is returned to your client when you deploy your token contract. If you somehow lose the address in your client, you can find it on etherscan.io by searching for the token name/symbol (assuming your token contract follows the ERC20 spec) or by transaction hash. You can also retrieve the address in code:
function getTokenAddress() constant returns (address) {
return address(m_token);
}
Outside of an exchange, you can also do private transfers of tokens by simply adding the token contract address to a wallet like Mist or Parity and sending tokens between addresses.
Note that all of this is independent of the crowd sale. The crowd sale is a separate contract that is used to raise money and do the initial token distribution.

Related

How to transfer an ERC721 token

I'm trying to transfer an ERC721 token, but I'm getting the error ERC721: transfer caller is not owner nor approved for the transferToken method.
Main.sol
import "./ERC721.sol";
import "./Counters.sol";
contract Main is ERC721 {
using Counters for Counters.Counter;
Counters.Counter internal _tokenIds;
address payable internal admin;
constructor() ERC721("MyToken", "TOKEN") {
admin = payable(msg.sender);
}
}
Auction.sol
import "./Main.sol";
contract Auction is Main {
struct AuctionInfo {
uint256 tokenId;
address highestBidder;
uint highestBid;
}
mapping(string => AuctionInfo) private _auctionInfo;
function createAuction(string memory id) public {
_tokenIds.increment();
uint256 newTokenId = _tokenIds.current();
_mint(msg.sender, newTokenId);
_auctionInfo[id].tokenId = newTokenId;
}
function transferToken(string memory id) public {
require(msg.sender == _auctionInfo[id].highestBidder, "You are not the highest bidder");
safeTransferFrom(address(this), _auctionInfo[id].highestBidder, _auctionInfo[id].tokenId);
}
// other methods...
}
The minting contract is this and the owner of the token is the msg.sender of the minting method if I'm not mistaken. Am I to use the approve (or setApprovalForAll) for this each time before transferring? I've tried this, payable(this), and address(this) for the safeTransferFrom method, but none seem to be working.
For example, I tried the following, but get the same revert message:
approve(address(this), _auctionInfo[id].tokenId);
this.safeTransferFrom(address(this), _auctionInfo[id].highestBidder, _auctionInfo[id].tokenId);
The main principle behind any Blockchain is that nobody on the blockchain network should be trusted, and still the transactions should happen fool proof, with no possibility of any cheating being done (barring of course of some hacking).
If you invoke the approve method from the Auction contract, then the msg.sender for the approve function in the ERC721 token contract is your auction contract address. So, in other words, your Auction Contract is trying to approve itself to sell someone else's NFTs, which is not very trustworthy.
What should really happen is that owner of the NFT should invoke the approve method of the ERC721 contract - i.e. the transaction that you send for the approve function call, should be signed by the NFT owner wallet address. This way, the msg.sender for the approve function in the ERC721 contract will be the owner of the NFT. As per the ERC721 standards, the owner of the NFT can approve anyone they want, to sell their NFT(s), as the no-trust in the network is still maintained (At least I should be able to trust myself). The approve method should be invoked from within your DAPP, before the transferToken function is invoked from the DAPP.
Hope that explains why you are unable to transfer your ERC721 tokens.
Because of the internal visibility of the ERC721._approve() function, you can effectively perform the approval for the user.
Then you'll be able to execute the safeTransferFrom(tokenOwner, receiver, tokenId) from your contract, because your contract address is approved to operate this specific token even though it belongs to the tokenOwner.
This snippet mints the token, assigning the ownership to the msg.sender. But then it also calls the _approve() function that doesn't contain any validations and simply assigns the approval of the token to the Auction address.
pragma solidity ^0.8;
import "https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC721/ERC721.sol";
contract Auction is ERC721 {
constructor() ERC721("CollectionName", "Symbol") {}
function createAuction() public {
uint256 newTokenId = 1;
_mint(msg.sender, newTokenId);
_approve(address(this), newTokenId);
}
}
You can see from the screenshot that the owner is 0x5B... (the user address) and that the token is approved for 0xd9... (the contract address).
Note: The _approve() function is internal - it can be called from the ERC721 contract and contracts deriving from it (in your case Main and Auction), but it can't be called from external contracts or end user addresses.

How to interact with the deployed ERC20 token with another smart-contract?

I have created a basic ERC20 token by implementing OpenZeppelin as follow in ERC20.sol file:
pragma solidity ^0.6.4;
import "https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v3.4.0/contracts/token/ERC20/ERC20.sol";
contract Token is ERC20 {
constructor(string memory _name, string memory _symbol)
public
ERC20(_name, _symbol)
{
_mint(msg.sender, 10000000000000000000000000000);
}
}
Then implement another contract Contract.sol as follow:
import "./ERC20.sol";
pragma solidity ^0.6.4;
contract SimpleBank{
Token tokenContract;
constructor(Token _tokenContract) public {
tokenContract = _tokenContract;
}
function deposit(uint amt) public returns (bool) {
require(amt != 0 , "deposit amount cannot be zero");
tokenContract.transfer(address(this),amt);
return true;
}
}
As, I have deployed both contract from the address 0xAb8483F64d9C6d1EcF9b849Ae677dD3315835cb2 so, it holds 10000000000000000000000000000 tokens.
But when I call deposit function from same address I got the following error:
transact to SimpleBank.deposit errored: VM error: revert. revert The
transaction has been reverted to the initial state. Reason provided by
the contract: "ERC20: transfer amount exceeds balance". Debug the
transaction to get more information.
So, what is the proper way to interact with the deployed ERC20 token so that the deploy function works.
The user address 0xAb8483... sends a transaction executing SimpleBank's function deposit(), which makes 0xAb8483... the value of msg.sender in SimpleBank.
But then SimpleBank sends an internal transaction executing Token's function transfer(). Which makes SimpleBank address (not the 0xAb8483...) the value of msg.sender in Token.
So the snippet tokenContract.transfer(address(this),amt); within SimpleBank is trying to send SimpleBank's tokens. Not the user's (0xAb8483...) tokens.
This transfer of tokens (from point 2) reverts, because SimpleBank doesn't own any tokens. Which makes the top-level transaction (from point 1) revert as well.
If you want SimpleBank to be able to transfer 0xAb8483...'s tokens, 0xAb8483... needs to approve() the tokens first to be spent by SimpleBank. Directly from their address, so that they are msg.sender in the Token contract.
Only then SimpleBank can execute transferFrom(0xAb8483..., address(this), amt) (from, to, amount).
TLDR: Your contract can't spend tokens that it doesn't own, unless the owner has manually approved your contract to spend them.
If it could spend someone else's tokens without approval, it would be very easy to steal from people who can't/don't verify your source code (by spending their USDT, WETH and other widely-used tokens).

Fetch pair price from Uniswap using smart contract function

I am relatively new to Solidity, I am trying to fetch the price of a pair with the following contract:
contract Uniswap {
constructor () public payable {
}
function getBalance() public view returns (uint) {
return address(this).balance;
}
// calculate price based on pair reserves
function getTokenPrice(address pairAddress, uint amount) public payable returns(uint)
{
IUniswapV2Pair pair = IUniswapV2Pair(pairAddress);
IERC20 token1 = IERC20(pair.token1());
(uint Res0, uint Res1,) = pair.getReserves();
// decimals
uint res0 = Res0*(10**token1.decimals());
return((amount*res0)/Res1); // return amount of token0 needed to buy token1
}
}
but when I try to run on Remix the getTokenPriceit returns me the following error message:
The transaction has been reverted to the initial state. Note: The called function should be payable if you send value and the value you send should be less than your current balance. Debug the transaction to get more information.
Any idea why? I am trying to fetch the price of ETH/USDT so the using this website (https://v2.info.uniswap.org/pair/0x0d4a11d5eeaac28ec3f61d100daf4d40471f1852) and with the pair address at the end of the URL. Thanks for the help!
When you deploy a contract in Remix, it deploys to a local network. (By default. You can change it and deploy to mainnet as well, if you inject a production Infura provider for example.)
The Uniswap pair contract 0x0d4a11... does not exist on the local network.
The easiest solution is to deploy your contract on the mainnet (where the 0x0d4a11... Uniswap pair contract exists).
Or you can find another Uniswap pair on a public testnet (well-known are Rinkeby, Ropsten, Goerli, and Kovan), and deploy your contract on the same testnet. Don't forget to change the testnet address of the uniswap pair that you pass to your getTokenPrice() function.
Or you can deploy the Uniswap pair contract and all of its dependencies and change the dependencies addreses (which is a lot of work - my guess is that it's dependend on the Uniswap router contract, the actual token contracts of the pair, maybe they are dependend on some other contract, ...) to your local network. From here it's the same - deploy your contract to the local network, and call the getTokenPrice() with the correct pair address.
You may also invoke uniswap's Subgraph using javascript

How to prevent a token transfer in smart contract?

Is there any way to prevent token transfer from address A to address B in a smart contract? Let's say it needs some sort of approval from smart contract owner. Assuming it is not ERC-20 token.
There are many ways to implement such a restriction in your code logic.
For example, you could create a mapping with addresses that only the smart contract owner can add entries to. (Using an onlyOwner modifier). Then implement a require function that only permits the transfer if the address is in the mapping.
mapping (address=>bool) addr_mapping;
function transferToken(address sender, address receiver) public{
require(addr_mapping[sender] == true, "Sender not in mapping");
require(addr_mapping[receiver] == true, "Receiver not in mapping");
...
}
function addToMapping(address addr) onlyOwner {
...
}
PS. Not sure if the boolean comparison is possible, but you can create your own flag.

How to invoke a pre-installed contract in another contract

First I pre-install a contract A(address(A)). Then I install a contract B (address(B)) to invoke A by using call interface. Lastly I invoke the contract by using his address(x). I meant to use the address(x) to invoke A, but actually the address(B) invoke A. So how can I use address(x) to invoke A?"
pragma solidity ^0.4.21;
contract TransferERC20 {
event TransferEvent (
bool _flag,
string _invoiceId,
address _erc20ContractHash,
address indexed _from,
address indexed _to,
uint256 _value
);
function transfer(string _invoiceId, address _erc20ContractHash,address _from, address _to, uint256 _amount) public returns (bool) {
bytes4 methodTransfer = bytes4(keccak256("transfer(address,uint256)"));
if(_erc20ContractHash.call(methodTransfer, _to, _amount)) {
emit TransferEvent(true, _invoiceId, _erc20ContractHash, _from, _to, _amount);
return true;
}
emit TransferEvent(false, _invoiceId, _erc20ContractHash, _from, _to, _amount);
return false;
}
}
The above code intends to call ERC20 contract which is pre-installed on ethereum testnet. However I invoke failed because the address is changed to the the TransferERC20 address. How can I realize the transfer function by using the TransferERC20 callor's address. THKS.
The token holder first needs to set an allowance using approve on the ERC20 token for the TransferERC20 contract and only then can they call transfer on the TransferERC20 contract which should call transferFrom on the ERC20 token.
This requires two transactions, one for approve and one for transferFrom.
If you are creating ERC20 tokens you may want to look at the OpenZeppelin Contracts implementation to see if this meets your needs.
See the documentation for details: https://docs.openzeppelin.com/contracts/2.x/tokens#ERC20
Alternatively you could look at creating ERC777 tokens (no need to do approve and transferFrom in two separate transactions). See the documentation for details: https://docs.openzeppelin.com/contracts/2.x/tokens#ERC777
If you have questions on using OpenZeppelin you can ask in the Community Forum: https://forum.openzeppelin.com/
Disclosure: I am the Community Manager at OpenZeppelin