0

I am new in web3 JS and using this code to Claim token from my smart contract to users.

It's working fine, on button click metamask will open and user pay gas fee and token claim will be done, but where is security? anyone copy this code and CONTRACT ADDRESS and CONTRACT ABI and token will be transfer to that user. How to manage this things?

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Web3 Claim Function</title>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/web3/1.6.1/web3.min.js"></script>
    <script src="https://unpkg.com/@metamask/legacy-web3@latest/dist/metamask.web3.min.js"></script>
  </head>
  <body>
    <input type="number" name="" id="amount" placeholder="amount" />

    <button type="button" onclick="claim()">CLAIM NOW</button>

    <div id="status"></div>
  </body>
  <script>
    const CLAIM_CONTRACT_ADDRESS = "Claim contract address here....";
    const CLAIM_CONTRACT_ABI = [ABI data here.... ];

    var web3 = null;
    var instance = null;
    var chainId = null;

    async function changeToMain() {
      await ethereum.request({
        method: "wallet_switchEthereumChain",
        // params: [{ chainId: "0x38" }], //MAIN BSC
        params: [{ chainId: "0x61" }], //TESTNET BSC
      });
    }

    async function claim() {
      let amt = $("#amount").val();

      //   Creating web3 instance with metamask wallet provider
      web3 = new Web3(Web3.givenProvider);

      await Web3.givenProvider.enable(); // waiting for metamask provider connectivity

      //   Get your metamask wallet provider Chain ID
      chainId = await web3.eth.getChainId();

      //   Request for get wallet address from metamask
      await ethereum
        .request({ method: "eth_requestAccounts" })
        .then(async (account) => {
          if (chainId != 97) {
            await changeToMain();
          }

          //   Claim contract web3 instance
          instance = new web3.eth.Contract(
            CLAIM_CONTRACT_ABI,
            CLAIM_CONTRACT_ADDRESS
          );

          //   sending claim function tx from metamask selected account
          instance.methods
            .claim(account[0], web3.utils.toWei(amt, "ether"))
            .send({ from: account[0] })
            .on("transactionHash", async (hash) => {
              // get tx hash
              console.log(hash);
            })
            .on("receipt", async (receipt) => {
              // receipt.status will return your tx status. true & false
              console.log(receipt.status);
            });
        });
    }
  </script>
</html>
Yogesh Saroya
  • 1,401
  • 5
  • 23
  • 52
  • Please see [ask] for a refresher, then revise your post title to ask a clear, specific question. Don't add tags. – isherwood Sep 09 '22 at 15:49

0 Answers0