Comments (7)
I investigated this some more, and because we use CALL
and don't have a in memory stack like solidity. In it's current iteration vyper can not have this issue.
However this is something to consider when we make a decision with regards to #901 .
from vyper.
@Dexaran You're on it! This is a huge problem, I think this problem will be easier to deal with once we have the functionality to make calls to other contracts in place. Then I'll start by trying to come up with a failing test case similar to the one you made in Solidity.
from vyper.
As a fancier solution, implementing a basic verification stage type checking all return values in the function's control flow path would be useful to provide programmer feedback to a bad contract.
from vyper.
Adding this to Fix up the beta project, so some time can be taken to investigate and see if we can avoid this.
from vyper.
@jacqueswww @DavidKnott You should be careful here: ethereum/solidity#4116
Many ERC20 contracts including OMG do not return booleans as specified in the ERC20 standard. If you have a contract with a common interface for all ERC20s that expects boolean return values for transfer()
, approve()
, and transferFrom()
and enforce that any call using that interface has to return either True or False, all calls to the OMG token contract (and several other tokens) will revert. This is problematic for many DEX designs.
EDIT: did some digging. Apparently its at least 130 tokens affected.
from vyper.
Interfaces should be implemented exactly as designed, 💯 agree on that. I am curious if the random stack value return influences this at all because sometimes the value will be non-zero, and that would be difficult to debug. Your suggestion to enforce call return values as the interface specifies should absolutely be enforced.
I don't know if this solves the problem here though, as the OP notes it will return without throwing random values from the stack.
from vyper.
@fubuloubu I wasn't necessarily suggesting it. I was saying if it is enforced over 130 tokens currently on EtherDelta will no longer be able to be transferred using the standard ERC20 interface.
from vyper.
Related Issues (20)
- Kessak algorithm implementation may be vulnerable HOT 2
- Support for arm64 architecture HOT 1
- VIP: move builtin interfaces to `ethereum.ercs` HOT 2
- allow `range(x, y, bound=N)` HOT 1
- VIP [DRAFT]: allow overloaded functions
- Is the `unsafe_div` divide by zero result correct? HOT 2
- Internal Compiler Error When Compiling Oracle HOT 1
- improve error messages wrt module namespacing
- method_id Compiler Error
- VIP [DRAFT]: Safely expose `DELEGATECALL` HOT 7
- VIP: disallow the use of `self` as an address HOT 7
- VIP: add new built-in function `raw_create` HOT 1
- VIP: `__script__()` function
- VIP: native asset types HOT 14
- setval/getval dunder methods HOT 1
- VIP: stateful singleton modules with ownership hierarchy HOT 8
- VIP: instantiable stateful modules HOT 2
- update sphinx version HOT 1
- concat builtin can overrun memory
- VIP: new `@deploy` visibility
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vyper.