abbbe / b9labs-eth20-proj1 Goto Github PK

You are comparing apples and oranges gas and weis. .gasUsed * tx.gasPrice, yes, that gives you weis.

• add memory/storage keywords to internal function parameters
• use memory when invoking functions, where possible
• measure impact of these changes on execution cost
• use memory for temp vars
• to avoid internal transaction
• compiler optimization

xavierlepretre 4 hours ago:

Talking to 2 untrusted addresses in 1 tx is an anti-pattern.
Non-only can the other sabotage the whole tx by calling revert(), but more importantly, by handing over the execution, it is possible for the other address to call back on your contract, aka reenter, and possibly do things.
So it is better to find a way to not break the pattern of 1 tx - talk to 1 or fewer untrusted addresses.
How?

Actually, you should not use the deployed instance, which is meant for Ropsten, say. Yes, you can check that it was deployed according to your specs, i.e. the migration file is correct. But for the other tests, you should do beforeEach(... Splitter.new and use that instance. Otherwise your its depend on the previous one passing.

34a540b#commitcomment-27191610

#2

• _authorizeWithdraw

9d72e3a#commitcomment-27191662

hafezoa/splitter@f7e5c94#diff-530a8ab4ea749aeb41375718624a8ad6R53

transfer() has gas limit to mitigate reentry attack.
but attacker can bump up gas, right? xxx.value(123).gas(100000)(args);

343d2cb#diff-c19cc570d3d19c99fa4b07e152254163L63

Make the contract a utility that can be used by David, Emma and anybody with an address to split Ether between any 2 other addresses of their own choice.

Deployed on rinkeby: 0x8849cddf20779c0bf0e65ef3aab4bee070299d29

Test accounts:

• TEST 0xe2DBC1817A18d345d051a348ceF998f3c14C2033
• Alice 0xdFb73a488f8a9A45E9ac2B433E061ee60AB2fEde
• Bob 0xdDDCd59331363191a2e9788212962A7EA7D9b4e1
• Carol 0x1028CCbE83dCebb568152f747AEfD4f3fe29b046

https://gist.github.com/xavierlepretre/d5583222fde52ddfbc58b7cfa0d2d0a9