台中不只談DAO

2017-07-21 19:00~21:00

DAO CAFE

Photo Credit: Jonatan Pie (@r3dmax) on Unsplash

Facebook討論

多麼痛的領悟

Re-Entrancy — Solidity

// THIS CONTRACT CONTAINS A BUG - DO NOT USE
contract Fund {
    /// Mapping of ether shares of the contract.
    mapping(address => uint) shares;
    /// Withdraw your share.
    function withdraw() {
        if (msg.sender.send(shares[msg.sender]))
            shares[msg.sender] = 0;
    }
}

先扣再說

Re-Entrancy — Solidity

contract Fund {
    /// Mapping of ether shares of the contract.
    mapping(address => uint) shares;
    /// Withdraw your share.
    function withdraw() {
        var share = shares[msg.sender];
        shares[msg.sender] = 0;
        msg.sender.transfer(share);
    }
}

黑帽與白帽

White Hat

Update on the White Hat attack:ethereum

initWallet

Fix initialisation bug.

function initWallet(address[] _owners, uint _required, uint _daylimit) {
    initDaylimit(_daylimit);
    initMultiowned(_owners, _required);
  }

only_uninitialized

Fix initialisation bug.

 // throw unless the contract is not yet initialized.
  modifier only_uninitialized { if (m_numOwners > 0) throw; _; }

  function initWallet(address[] _owners, uint _required, uint _daylimit) only_uninitialized {
    initDaylimit(_daylimit);
    initMultiowned(_owners, _required);
  }


https://dltdojo.org
熵熱踢道場開源專案
開發者:林忠義 (JOYE LIN)