New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
External Contract Calls / References #347
Comments
To summarize, our current suggestion is to implement contract references as a new type Some examples: item: contract {
foo(bool) -> bool
}
def __init__(_item: contract):
self.item = _item
def change_item(_item: contract):
self.item = _item lists/maps (this contract is deployed 1 per account and inter-contract communication happens) friends: contract {
receive_message(bytes <= 192)
}[num]
num_friends: num
messages: (bytes <= 192)[num]
num_messages: num
def add_friend(_friend: contract):
self.friends[self.num_friends] = _friend
self.num_friends += 1
def send_message(friend_num: num, message: bytes <= 192):
self.friends[friend_num].receive_message(message)
def receive_message(_message: bytes <= 192):
self.messages[self.num_messages] = _message
self.num_messages += 1 Further suggestions are:
|
The explicit type checking at the top stays very much in line with Viper's design philosophy of being easy on the reader, I like that. I wouldn't move that explicitness away into a scan later, as per suggestion 3. But, I do like suggestion 1 very much as a type of safety net and I feel this is actually a must, as else it would leave the reader open to be fooled, would it not? Also, could we add the small bit of context here that |
Well, I both agree and disagree with you that point. I think it is clearer now to see what the explicit types are you are checking for, plus it makes the compiler's job easier. But in the end, I believe the reader is more interested in the method name and where it is used, and the ancillary work of figuring out if the external contract method's types work with the one in the contract they might be less interested in, thereby willing to offload that work to the compiler/runtime environment. For now, as most of the functionality is unimplemented, I believe explicit is better. Yes, I think there is a potentially insidious attack that can be performed here if you create a reference to a contract that does not implement part of the methods specified, thereby "shutting down" access to methods other users might require (e.g. imagine a P.S. I updated to top comment to state that. Basically, |
Also, another thing that is enabled by implicit type checking via def get_currency_of(item: contract) -> currency_value:
return item.get_currency() # Type check occurs to ensure this meshes with return type Since I don't believe this adds any additional vectors of attack beyond whats already possible. |
Closing as this has extern contract calling has been implemented. |
What's your issue about?
This issue is a continuation of #297 (Please see it for context) and #335 for the current implementation.
Cute Animal Picture
The text was updated successfully, but these errors were encountered: