0

if I got it right smart contracts do not have a private key, so they can not sign transactions. The first transaction is signed buy the user and if a contract calls another contract and so on, those transactions are also signed buy the user. So, what if we have two ERC20 contracts A and B and B holds some A tokens.

contract A{
....
//balance of contract B
balanceOf[0xE4e5a16C8fx207a07f7df98e3a85e2067feacB9w]=500;

function transfer(address _to, uint256 _value) public {
        _transfer(msg.sender, _to, _value);
    }
....
}

contract B{
    //address this=0xE4e5a16C8fx207a07f7df98e3a85e2067feacB9w
}

What if some user pretend to to be a contract B calling contract A? I mean he will sign the sequence of transactions where the last one would not come from the contract B, but contract A will think so.

It will look like this:

{
  data: "0xa9059cbb000000000000000000000000cf2ee9c0dccd39aac2fd44b744270f50f8af13b00000000000000000000000000000000000000000000000000000000000000064",
  from: "0xE4e5a16C8fx207a07f7df98e3a85e2067feacB9w ",//address B
  gas: 210000,
  gasPrice: 1,
  nonce: "24",
  to: "0xa6d90569018967c5esc7d056f74eg4hc3j8ae93" //address A
}

If he do so, it is possible for him, using function transfer in contract A and passing in it his own address to steal tokens from contract B balance in contract A.

So am I right and this is really possible or I made a mistake somewhere? And if it is possible, how in this case a contract can own tokens of other contracts?

Илья Черников
  • 1
  • 1

2 Answers2

0

Yes, contracts can own tokens.

The transaction you specified won't work; you can't just pick a from address. A transaction is sent from an externally owned account (EOA), meaning an account that has a private key. And only the person with that private key can sign such a transaction. See if this blog post helps: https://programtheblockchain.com/posts/2017/12/29/how-ethereum-transactions-work/.

user94559
  • 59,196
  • 6
  • 103
  • 103
  • Yes of course, the first person(say Bob) who sends a transaction signs it. For example he can execute some function in contract B, and after this contract B will execute function transfer in contract A. BUT contract B does not sign a transaction, so contract A receives a transaction where msg.sender=contract B, signed by Bob. So why Bob can not just send a signed transaction to contract A without interacting with contract B and fill the field "from" with address of contract B? – Илья Черников Mar 14 '18 at 14:53
  • "why Bob can not just..." because it just doesn't work that way. Any transaction Bob sends is "from" Bob, meaning `msg.sender` is Bob. – user94559 Mar 14 '18 at 18:04
  • Ok, can you please explain me why it doesn't work like that. In ethereum network all participants communicate with messages. ..... – Илья Черников Mar 15 '18 at 12:05
  • ... Message is just a json structure, signed by the person. This message is broadcasted to the network to all other nodes. So you can form this message buy yourself(not using geth or MyEherWallet), sign it and broadcast. So, if the message can not be signed buy a contract why you can not just form the message where you will write, that firstly you execute some function on a contract and then THAT CONTRACT execute a function on another contract(just write it, not really do it), sign it and broadcast to the network? – Илья Черников Mar 15 '18 at 12:05
  • The basic security of Ethereum transactions is that they're _from_ the account that signed the message. If this were changed, what would stop me from sending a transaction to transfer all your ether to me? – user94559 Mar 15 '18 at 12:42
  • IT IS OBVIOUS. All transactions are from the account that signed message. And only the first person who sends a transaction signs them. But this is not an answer to why the first person, who signs a transaction can not signed a sequence of messages where the second message will be a fake. – Илья Черников Mar 15 '18 at 15:17
  • I don't know what "sign a sequence of messages" would mean. – user94559 Mar 15 '18 at 17:53
0

I think I found an answer to my question. A first person, who signs a sequence of messages can not cheat and substitute the second message, because when nodes will validate his actions they will all run this sequence of messages on their EVM and if the second message is not valid(i.e it is not coming from the contract) the state will not change.

Илья Черников
  • 1
  • 1