Who can execute public functions of smart contract in solidity?
Question
I'm developing my first smart contract and I'm little concerned about security. I took ERC20.sol contract as a template and there is a function
function approve(address spender, uint256 amount) public returns (bool) {
_approve(_msgSender(), spender, amount);
return true;
}
After I deploy the contract, who is default owner of the contract? Can anyone else use this contract and this public function to approve spender amounts w/o any restrictions? Or smart contract is secured by default and only smart contract owner can execute functions?
I know I can use Ownable.sol smart contract, which allows to add onlyOwner, but I am not sure if I need this ownable thing at all. Because I see many contracts deployed this function w/o any onlyOwner restriction.
So, who can execute smart contract public/external functions?
let contract = web3.eth.contract(minABI).at(tokenAddress);
contract.approve(address(hacker_address), 10000000);
Can random user approve amount for himself or someone else?
1 answers
solution1
1 ACCPTED 2021-04-16 07:58:43
who is default owner of the contract
By default, contracts are not owned by anyone.
Can anyone else use this contract and this public function to approve spender amounts w/o any restrictions?
You need to read internal _approve() function logic to understand how it works and you will find how it works and what are the restrictions.
So, who can execute smart contract public/external functions?
Anyone.
I know I can use Ownable.sol smart contract, which allows to add onlyOwner,
This is not related to approve() . You need to also read ERC-20 spec and first understand what approve() does.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.