Previously, we had our smart contract that simply blindly sent Ether to the one who called smart contracts „withdraw money.“ Let`s expand this a bit so that the money can be sent to a specific account. Exit the Python shell and check the contract balance or, more precisely, the balance of the address of this contract instance: the „from“ key of the transaction is this new_account, the depreciator. Type: Can you guess the right way to remove ether from the donor? You can dive a little into what you`ve done so far. The following is an example of the withdrawal model in practice in a contract where the goal is to send the most money to the contract to become the „richest“, inspired by the king of ether. Do not sweat the lost ether. After all, what are 113 dummy ethers out of a billion ethers in your local Horton chain. With the Horton channel, you can absolutely afford it. And if that prevents you from losing the real Ether on Mainent in the future, then the cost-benefit ratio of this lesson is excellent. I wish we could pay for more lessons with fake ether if we were asked (but no one asks for it). If you want to try it yourself first, then we extend the smart contract and save the „block.timestamp“ somewhere. Withdrawals can only be made if the „block.timestamp“ during the withdrawal is greater than the previously stored timestamp + 1 minute (this is a globally available constant in Solidity) Transfer one billion Ether from your Coinbase account to the new account: In addition to the „official“ balance, the contract manages a status variable total_donations, which should be the same. The above contract can be represented in an unusable state where the richest is a contract with a failed backup function. If the fallback function fails, the becomeRichest() function also fails and the contract crashes forever.
To mitigate this problem, we can use the payment model. This is a very naïve way to manage money just for the sake of demonstration. In the next chapter, we limit the withdrawal only to the contractor. Usually, contracts track the beneficiaries and the money they are allowed to withdraw. DonationsTotal and the rest are located in Wei. The DeWei web3 API converts it to Ether. Beautiful new shale contract not described, with zero donations. Told you: These 113 ethers in the dispenser are lost You can restrict read access to the status of your contract through other contracts. This is actually the default unless you declare your state variables public. Unlike traditional software code, the smart contract is stateful. The code is saved with a status.
And this state is synchronized with the entire network. The state cannot be changed without an appropriate transaction that is valid, degraded, contained in a block and accepted by the network. Without a way to accept a transaction that frees up money, the donor will simply continue to hold those 113 ethers. In other words, they are lost. First, we will check the balance. The balance of an Ethereum account is stored as blockchain status for an address, whether that address has a contract or not. The recommended method to send money after an effect is to use the payment model. Although the most intuitive way to send Ether due to an effect is a direct transmission call, this is not recommended as it poses a potential security risk. For more information, see Security Considerations. The contract has no way to remove Ether. If you, as a contract writer, do not implement a way to withdraw money or transfer it to another account, there is no built-in way to free up the money.
Ether is stuck forever on the balance of the contract. When it comes to blockchain, these 113 ethers stay in balance with the donor`s address, and you can`t use them. In the payment model, we will reset the unpaid amount before each transfer. This ensures that only the appellant`s contract fails. We know that the contract is already provided, so the return tuple is get_or_deploy_contract for a contract already provided (contract_obj, None). The modifier can be ignored. This only applies to Solidity before version 0.4.0: since modifiers are applied simply by replacing the code rather than using a function call, the transitionNext modifier code can be ignored if the function itself uses return. If you want to do this, be sure to call nextStage manually from these functions.
Starting with version 0.4.0, the modifier code is executed even if the function is explicitly returned. Click on the „RemoveMoneyTo“ button and see what happens! Wow, nothing 🤣. Well, only on the surface! Next, I would like to write a short smart contract that only allows a withdrawal if the last deposit is more than 1 minute ago. Anyway. Let`s come to a fixed contract with the possibility of withdrawing the money. The payment model ensures that no direct referral calls are made, posing a security threat. The following contract shows the insecure use of the transmission call to send Ether. When Donator2 executes send(this.balance), the beneficiary contract has the option to perform its fallback and take control of the execution.
In the backup solution, he can call Donator2 again before the transmission line is finished, but the money has already been sent. This is a re-entry attack. To avoid this, any change in state must occur before sending. To withdraw money, the withdrawal account must send a transaction. If this transaction succeeds, the state of the blockchain changes: the contract account sends Ether, another account receives it. Why is there 101 Ether and not 100.999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999 Because we sent a transaction from account #1 to smart contract and asked smart contract to send all funds stored at the smart contract address to the third account in your account list. Gas costs were paid from account #1. Account #3 has 1 Full Ether! An example of this is a blind auction contract, which starts in the „Blind Acceptance of Bids“ phase and then moves on to „Reveal Bids,“ which ends with „Determine the Outcome of the Bid.“ In addition, you can restrict who can make changes to the state of your contract or access the features of your contract, and that`s the topic of this section.
Restricting access is a common model for contracts. Note that you can never prevent people or computers from reading the content of your transactions or the status of your contract. You can make things a little more difficult by using encryption, but if you want your contract to read the data, everyone will do it too. As an exercise, add tests to test the withdrawal features on Donator2. Contracts often act like a state machine, which means they have certain phases in which they behave differently or in which different functions can be called. .