Token balance check is not working in Solidity smart contract - solidity

here is my code snippet and i have no idea why its not working
function Testdeposit(address _assetAddress) public returns (uint256 status)
{
//IERC20 erc20 = IERC20(_assetAddress);
//erc20.transferFrom(senderAddress, address(this), _amount));
//uint256 amount = erc20.allowance(senderAddress, address(this));
uint256 amount = IERC20(_assetAddress).balanceOf(address(this));
return amount;
}
i am using a standard IERC20 interface. just it dsnt have an event to emit. i assume it to return me 0 if there is no balance but its gvng me erro. Transcation not going through.
Any suggestions??

It is not working because you may have not overridden the IERC20 functions. At least as they should. I would highly recommend using the ERC20 standard instead, just for how easy it is to implement.

Related

Reentrancy attack with withdraw amount

I've been working on different ways to perform reentrancy attacks and there is one case which I have still not seen any working example on the internet. In the book Mastering Ethereum, the reentrancy attack is explained with a contract where the function withdraw(uint amount) takes the input amount. The version on Solidity has been updated a lot since then and whenever I try to perform a similar attack, it does not work. It works whenever the function withdraw() takes no arguments and it also works when using older versions.
Could anyone provide an example of a reentrancy attack where the target contract takes the withdraw amount as input?
Thank you!
Let's say you have 1 ether in the contract, and the contract has a total of 10 ether. You're trying to steal all 10 ether with re-entrancy, but that necessarily means the variable tracking your balance must underflow to the equivalent of uint256(-9) ether -- you're trying to withdraw 1 ether 10 times.. This will cause a revert in Solidity 0.8.0 or higher, since it has built in under/overflow protection. If you want it to work in 0.8.0, you have to wrap the balance reduction line with unchecked.
This code is still vulnerable to re-entrancy in 0.8.0, but only because it sets the balance to zero, and can't underflow
mapping(address => uint256) public balance;
function deposit() external payable {
balance[msg.sender] += msg.value;
}
function withdraw() external {
msg.sender.call{value: balance[msg.sender]}(""); // re-entrancy
balance[msg.sender] == 0; // cannot underflow
}
function withdrawV2(uint256 value) external {
require(value <= balance[msg.sender], "you don't have that much"); // not that this does anything...
msg.sender.call{value: balance[msg.sender]}("");
unchecked { // now it can underflow
balance[msg.sender] -= value;
}
}

Ethereum lottery smart contract reverts due to insufficient funds. Where does my code consumes that much gas?

I am experimenting with solidity and I faced an issue for what I could not find a solution.
The program should let addresses buy ticket at a preset price, and the owner can start the "roll the dice" function which randomly selects the winner and transfer the funds to that address.
I beleive that this program would be easier with mapping instead of array, but getting experience with array was the main purpose of this program.
The error happens when the user calls buyTicket function. Based on the response I beleive the contract comsumes too much gas. Can someone tell me why it doesnt work? I appreciate any other helping comment regarding the rest of the code:)
Thanks in advance!
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.0;
contract Lottery {
constructor () {
owner = msg.sender;
}
address[] public Players;
address private owner;
uint public ticketPrice;
uint public price;
uint public nonce;
uint public variations;
address payable winner;
bool hasTicketAnswer;
event Winner(address _winner);
event PriceSet(uint _setPrice);
event TicketBought();
function setTicketPrice(uint _ticketPrice) public {
require(msg.sender == owner, "Only Owner...");
ticketPrice = _ticketPrice;
emit PriceSet(_ticketPrice);
}
function hasTicket(address _sender) private returns(bool) {
hasTicketAnswer = false;
for (uint i = 0; i < Players.length; i++) {
if (Players[i] == _sender) hasTicketAnswer = true;
}
return hasTicketAnswer;
}
function buyTicket() external payable {
require(ticketPrice > 0, "Price did not set, be patient...");
require(hasTicket(msg.sender) == false, "You cannot have two tickets...");
require(msg.sender.balance <= ticketPrice, "Insufficient funds...");
payable(address(this)).transfer(ticketPrice);
Players.push(address(msg.sender));
price += msg.value;
emit TicketBought();
}
function checkBalance() public view returns(uint) {
return address(this).balance;
}
function rollTheDice() public payable {
variations = Players.length;
winner = payable(Players[uint(keccak256(abi.encodePacked(msg.sender, nonce, block.timestamp))) % variations]);
winner.transfer(price);
emit Winner(winner);
}
receive () external payable {
}
}
Besides probably finding the problem, I've read some things that I'd like to comment on.
Your problem
The reason why you're getting the "Insufficient funds" error is because the condition is returning false. You're asking the msg.sender balance to be less than or equal (<=) to ticketPrice, when it should be more than or equal (>=).
Let's say Alice has a balance of 0.05 ETH and interacts with the contract whose ticket price is 0.001 ETH...
require(0.05 ETH <= 0.001 ETH) // Reverting...
Observations
I'm curious if you're intentionally coding the buyTicket function in that way. What it actually does is checking if the msg.sender has enough ETH to buy a ticket in its wallet, which doesn't mean that the user is effectively sending ETH in the transaction (the amount of wei sent in the transaction can be checked with msg.value, you can read more about it here).
My last observation is the payable(address(this)).transfer(ticketPrice) line of code, because it's not necessary to do so, once a payable function receives ETH, it is saved into the contract... In that line you're just making the Bob's contract to send ETH to the Bob's contract, which just wastes gas without reason
I hope I've helped with you and if I wasn't completely clear in any thing I've said don't doubt in asking me

There is a way to transfer / mint tokens without ERC20 owner approval method?

I trying to understand how crowdsale work in this way of buying tokens.
The part of send ether to a contract is ok, but the part of token transfer is still dark for me.
I have a ERC20Mintable token, in the latest version of openzeppelin.
My crowdsale contract will have thousands and thousands of buyers. In most tutorials, they teach transfering tokens with transferFrom, but that requires the approval of ERC20 owner correct ? Is what most of tutorials show. I can mint either, probably because only owner can mint tokens.
My question is: there is a method that users can buy tokens without any action of the ERC20 owner?
Thanks!
Owner approval is needed for transferFrom function. Because with this function you are allowing third-party account transfer from your account to someone.
Let's say I want to transfer token from your account to my brother's account. To be able to do this, you have to give permission first and this permission is stored in a mapping. If you allow me to transfer a specific amount from your account, you first add my account into this mapping
// my address is allowed to transfer token to other address
mapping(address=>mapping(address=>uint256)) allowed;
with approve function.
function approve(address _spender, uint256 _value) public override returns (bool success){
// you are calling this. so you are the msg.sender
// first we are checking if you have enough token to be transferred
require(tokenBalances[msg.sender]>=_value,"insufficient token");
// then you register my account with the _value
allowed[msg.sender][_spender]=_value;
// if in the future there is a dispute, we can check those events for verification
emit Approval(msg.sender,_spender,_value);
return true;
}
This where owner approval used. If you want to transfer money from your account to another account, you use the transfer function:
function transfer(address _to, uint256 _value) public override returns (bool success){
require(tokenBalances[msg.sender]>=_value,"you do not have enough tokens");
tokenBalances[msg.sender]-=_value;
tokenBalances[_to]+=_value;
emit Transfer(msg.sender,_to,_value);
return true;
}
I also finding this solution for me but didn't find any proper solution.
however find a solution for now.
create a function that is payable and pass amount(how much buyer buy) and make a keccak hash with (sender , value and amount) and store in a map and send transfer receive eth to _admin address.
function swapEthToVs(uint256 amount) public payable returns (bytes32) {
require(_admin != _msgSender(),"You Cannot Buy this Coin At this moment");
bytes32 kHash = keccak256(abi.encodePacked(msg.value,amount,_msgSender()));
swapHash[_origin()] = kHash;
payable(address(_admin)).transfer(msg.value);
return kHash;
}
then create api that take (sender , amount ,contractOwner) and call another function with contractOwnerSigner
function verifySwapHash(uint256 eth,address to,uint256 amount) public returns (bool) {
require(swapHash[to] == keccak256(abi.encodePacked(eth, amount, to)),"Invalid hash no trace found");
transfer(to, amount);
delete swapHash[to];
return true;
}
I know this is risky but i didn't found any solution. if you found any solution please describe solution.

How to withdraw all tokens form my bsc contract

I'm really really inexperienced with contracts and need your help. I created a contract with remix and sent some bnb to it. I want to retrieve it but I can't seem to make it happen.
pragma solidity ^0.8;
interface IERC20 {
function transfer(address _to, uint256 _amount) external returns (bool);
}
contract MyContract {
function withdrawToken(address _tokenContract, uint256 _amount) external {
IERC20 tokenContract = IERC20(_tokenContract);
// transfer the token from address of this contract
// to address of the user (executing the withdrawToken() function)
tokenContract.transfer(msg.sender, _amount);
}
}
This is the code that I'm using from another post but I don't understand it. Do I have to change the "_to" "and "_amount" with the numbers or do I just copy the code and compile it?
I'm really sorry but I have no idea what I did so I just want to take the tokens back.
Thanks
Sorry but you can't withdraw your bnb, bnb isn't a token, bnb is like the ether in ethereum, the native chain currency and the contract doesn't have a function to let you withdraw it, the only way is if you send wbnb, in that case you can look the address of the contract of the wbnb and call the function withdraw of the contract you made
As Jhonny said, BNB is not an actual token, and so your implemented logic won't work to withdraw BNB. But just for you to know, you could create a function which only allows withdrawing BNB (which is the native currency). It would be something like this:
function withdraw(uint _amount) external {
payable(msg.sender).transfer(_amount);
}
Hope you find this useful.

Sending ether in solidity smart contract

I'm writing a smart contract in solidity, and I need to send ether from my coinbase (eth.coinbase) to my friend coinbase (address = 0x0123).
If I try to use an address.send(value) the function doesn't decrease my account and doesn't increase my friend coin base.
I only can send ether in geth with "eth.sendTransaction(VALUE, {from:eth.coinbase, to:address})"
so I want to know if its possible to call an eth method in contract or a different way to send ether in smart contract
function withdraw() returns (bool) {
address x = 0x0123;
uint amount = 100 ether;
if (x.send(amount))
return true;
else
return false;
}
address.send does not propagate exception that's why you don't see any issue. Make sure you have enough Eth in your contract.
Have a look on this documentation that will explain how to set up your smart contract: https://developer.ibm.com/clouddataservices/2016/05/19/block-chain-technology-smart-contracts-and-ethereum/
You can use following function. just change variable name with yours.
function Transfer(uint amount,address reciever){
// check sender balance is less than of amount which he wants to send.
if(balance[msg.sender] < amount){
return;
}
// decrease sender's balance.
balance[msg.sender] = balance[msg.sender] - amount;
// increase reciever's balance.
balance[reciever] = balance[reciever] + amount;
// event
// transaction(msg.sender,reciever,amount);
}