Hi guys how can I prevent some contract from depositing to my contract? Meaning only user could deposit.
Dec 26, 2021, 11:55 AM
require msg.sender == tx.origin
Dec 26, 2021, 12:39 PM
There is a method from opezeppelin contracts in library Address, called isContract
Dec 26, 2021, 12:59 PM
Check if the address has a creation code. But know that contracts during construction have no codes either. Openzeppelin has Address library but be sure to go through the notes.
Dec 26, 2021, 1:06 PM
Thx I'll take a look
Was my idea but it can be exploited
However I'm going to check this beside other criterias just for deposit function. So it's not a big risk at all.
Dec 26, 2021, 1:15 PM
you can also use tx.origin
Dec 26, 2021, 1:16 PM
If its just for prevention, use the tx.origin. For detection, isContract is better
tx.origin breaks some security patterns though
Dec 26, 2021, 1:17 PM
I'm going to use isContract
Dec 26, 2021, 1:17 PM
tx.origin could be bypassed with constructor =)
Dec 26, 2021, 1:23 PM
could u show an example?
Dec 26, 2021, 1:24 PM
nvm sorry, i confused it with another issue
anyway, found an interesting topic
https://docs.soliditylang.org/en/v0.4.24/security-considerations.html#tx-origin
https://ethereum.stackexchange.com/questions/15641/how-does-a-contract-find-out-if-another-address-is-a-contract
https://docs.soliditylang.org/en/v0.4.24/security-considerations.html#tx-origin
https://ethereum.stackexchange.com/questions/15641/how-does-a-contract-find-out-if-another-address-is-a-contract
Dec 26, 2021, 1:34 PM