diff options
author | chriseth <c@ethdev.com> | 2016-09-07 18:20:35 +0800 |
---|---|---|
committer | chriseth <c@ethdev.com> | 2016-09-07 18:20:35 +0800 |
commit | 057db5984418f06282bba75875dc5cf5dbb30c4d (patch) | |
tree | cb00ff199893c417de1fbe753025ad3b8fddee67 /docs/security-considerations.rst | |
parent | 4f5a95d569408e6a0a94c54b1eb39ea62b873c5e (diff) | |
download | dexon-solidity-057db5984418f06282bba75875dc5cf5dbb30c4d.tar.gz dexon-solidity-057db5984418f06282bba75875dc5cf5dbb30c4d.tar.zst dexon-solidity-057db5984418f06282bba75875dc5cf5dbb30c4d.zip |
Review suggestions.
Diffstat (limited to 'docs/security-considerations.rst')
-rw-r--r-- | docs/security-considerations.rst | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index 4ada8545..a2f4ec4c 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -107,6 +107,11 @@ and stall those. Please be explicit about such cases in the documentation of you Sending and Receiving Ether =========================== +- Neither contracts nor "external accounts" are currently able to prevent that someone sends them Ether. + Contracts can react on and reject a regular transfer, but there are ways + to move Ether without creating a message call. One way is to simply "mine to" + the contract address and the second way is using ``selfdestruct(x)``. + - If a contract receives Ether (without a function being called), the fallback function is executed. If it does not have a fallback function, the Ether will be rejected (by throwing an exception). During the execution of the fallback function, the contract can only rely @@ -134,11 +139,6 @@ Sending and Receiving Ether means for the recipient to block progress in the sending contract. Again, the best practice here is to use a :ref:`"withdraw" pattern instead of a "send" pattern <withdrawal_pattern>`. -- Contracts currently cannot prevent that someone sends them Ether. - They can react on and reject a regular transfer, but there are ways - to move Ether without creating a message call. One way is to simply "mine to" - the contract address and the second way is using ``selfdestruct(x)``. - Callstack Depth =============== @@ -192,7 +192,7 @@ Now someone tricks you into sending ether to the address of this attack wallet: } } -If your wallet had checked ``msg.sender`` for authorization, it would get the address of the attack wallet, instead of the owner address. But by checking tx.origin, it gets the original address that kicked off the transaction, which is still the owner address. The attack wallet instantly drains all your funds. +If your wallet had checked ``msg.sender`` for authorization, it would get the address of the attack wallet, instead of the owner address. But by checking ``tx.origin``, it gets the original address that kicked off the transaction, which is still the owner address. The attack wallet instantly drains all your funds. Minor Details |