Cart is empty
Ethereum: How to correct the “view” error using the function status mugbum
2018 February Ethereum Blockchain found a critical error that affected the “retreat” function “Mainnet”. This issue was related to the mutation of a function state, namely the “only” modifier that was designed to limit access to functions that have non -image functions.
Error “just a review” occurred while trying to withdraw the funds from the wallet. This error has revealed the vulnerability of the system, allowing the attacker to drain the account balance without escaping the gas limits or activating the re -center attack.
Understanding a function of status mugbuma
Function status thinking means the concept of modifying the variables of the function output, which can lead to unexpected risk of behavior and security. Ethereum features with non -image features are considered to be modified by default, and only the features for viewing are not interchanged by design.
The “only” modifier is used to restrict access to functions that modify the contract status or its storage. However, this does not prevent all possible attacks; In fact, this prevents only certain types of attacks.
“just a review” error
In the context of the “abolition” function, the question arose when attempted to withdraw from the funds without verifying whether the consumer had completed his or her operations (i.e., the contract status was completed). If the consumer attempted to withdraw before performing all operations, the gas limit would be exceeded and the operation would fail.
To correct this error, the “Recipate” function is modified as follows:
`Solidarity
Function withdrawal () only external nowner {
If (block.timestamp
to return the collector ();
}
}
`
Using the “only” modifier, we ensure that only the contract owner can try to withdraw the funds. This prevents the attacker from draining the account balance without provoking the gas limits.
Additional Recommendations
1
2.
- Document Addictions : Make sure you document all external addictions, including libraries and other intellectual contracts, to avoid the introduction of safety vulnerability.
Conclusion
The “Recovery” function was a critical error that revealed the vulnerability of the Ethereum circuit. Understanding how this problem arose and modifying the feature that uses only Towner modifier, we can significantly reduce the risk of similar mistakes that occur in the future. Remember to regularly review and verify your contracts, carry out safe coding practice and document addictions to ensure the security and integrity of Ethereum -based programs.
Leave A Comment