This repository has been archived by the owner on Jun 29, 2020. It is now read-only.
Third party Tokens can be sent to the contract with no way of retrieving them #126
Assignees
Labels
Comments
|
I'm not really sure how to implement this. I can't just send all the tokens to the caller, because then if A accidentally sends tokens to the contract, B can claim them. And I don't have a way to know that the contract received them from A. The only thing I can think of is to transfer them to the owner of the contract, and then the owner can send the tokens to the person that sent them. But this requires trusting the owner, and the cost of the transaction is not paid by the claimer. I'm not sure, but I think the linked contract (MiniMe) does something similar (but to a "Controller" instead of an owner). @phahulin Thoughts? |
|
We use it in many apps. E.g. claim tokens in the bridge. |
ghost
added
the
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Observation: It is possible for someone to transfer tokens to the contract address when they meant to send ETH. It is best practice to implement a function for the owner to retrieve tokens - An example is the claimToken() safety function in the latest version of MinimeToken claimToken() Example
The text was updated successfully, but these errors were encountered: