Last active
June 23, 2016 15:29
```solidity
contract DropBox{
    /*
    Central Bank of Ethereum

    A very minimalistic bank/dropbox where Ether can be sent.
    This makes it simple for a service to pay recipients without directly
    invoking any unknown (potentially hostile) contracts.

    Instead, the value transfer becomes a 2-step handover, where the service
    deposits to the bank, and the recipient cashes out later.

    Drawbacks to this approach:
    - Recipient wallet is not invoked (well, that's the point)
    - The recipient cannot (on-chain) verify who made a deposit

    @author Martin Holst Swende
    */
    mapping (address => uint) accounts;

    // Const functions
    function balanceOf(address a) constant returns(uint){
        return accounts[a];
    }
    function credit() constant returns(uint){
        return accounts[msg.sender];
    }

    // Deposit and withdraw
    function deposit(address a){
        accounts[a] = accounts[a] + msg.value;
    }

    /*
    There may be a point to include something like this,
    so that at least off-chain it is easier to keep track of
    payments
    */
    /*
    function depositAndLog(address a){
        DepositEvent(a,msg.sender);
        deposit(a);
    }
    */

    /*
    Withdraw - this is the default method.
    When this is invoked, the money comes back.
    It uses the 'unsafe' call with all gas, to allow for
    arbitrarily complex wallets (but does so in a safe way)
    */
    function (){
        uint amount = accounts[msg.sender] + msg.value;
        // The balance is cleared before the external call below
        accounts[msg.sender] = 0;
        if(amount == 0) return;
        if ( !msg.sender.call.value(amount)() )
        {
            throw;
        }
    }
}
```
While I do like the pattern, I worry about users getting their money stuck because they use a dApp that uses this drop box via a wallet that can't make calls into this contract.
I recommend adding a function that can be called by anyone to trigger a withdraw into any address. This would allow a user to call into the mailbox with their account and trigger a withdraw of funds into their wallet. Also, the dApp owner could do the same on behalf of their users as a separate transaction, so the users are shielded from even needing to know about the mailbox but the dApp owner doesn't put his app at risk.
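
One way the function suggested in the comment above could look, as an added example that is not part of the gist or the comment. It assumes the suggestion means that anyone may trigger a payout of address `a`'s balance to `a` itself; the names `DropBoxWithPush` and `withdrawFor` are hypothetical, and the dialect is the gist's 2016-era Solidity.

```solidity
// Added example in the gist's 2016-era Solidity dialect; not the author's code.
contract DropBoxWithPush {
    mapping (address => uint) accounts;

    function balanceOf(address a) constant returns (uint) {
        return accounts[a];
    }

    function deposit(address a) {
        accounts[a] = accounts[a] + msg.value;
    }

    // Hypothetical addition: anyone may trigger the payout, but the funds
    // can only go to the address they were deposited for.
    function withdrawFor(address a) {
        // Ether attached to this call is forwarded too, like the gist's fallback.
        uint amount = accounts[a] + msg.value;
        // Zero the balance before the external call, so a re-entrant call
        // into withdrawFor(a) finds nothing left to pay out.
        accounts[a] = 0;
        if (amount == 0) return;
        // The recipient's code runs on the caller's gas. If it throws, only
        // this transaction reverts and the balance stays credited to `a`.
        if (!a.call.value(amount)()) {
            throw;
        }
    }
}
```

Because the caller never chooses the destination, a third party triggering the payout cannot redirect funds; the service that made the deposit stays isolated from the recipient's code as long as it calls `withdrawFor` in a separate transaction.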