Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix misleading documentation (OpenZeppelin audit) #591

Merged
merged 3 commits into from
Jun 13, 2023
Merged

Fix misleading documentation (OpenZeppelin audit) #591

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
6d77af8
remove: claim that EIP-1559 is not supported
vladbochok Jun 13, 2023
d446f94
fix: call/send reentrancy info
vladbochok Jun 13, 2023
d8c1b7b
Merge branch 'main' into vb-fix-misleading-documentation
kailash-manasarovar Jun 13, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
15 changes: 10 additions & 5 deletions docs/dev/building-on-zksync/contracts/differences-with-ethereum.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -278,23 +278,28 @@ EVM legacy assembly example:

## Using `call` over `.send` or `.transfer`

Avoid using `payable(X).send`/`payable(X).transfer` because the 2300 gas stipend may not be enough for such calls, especially if it involves state changes that require a large amount of L2 gas for data. Instead, we recommend using `call`.
Avoid using `payable(addr).send(x)`/`payable(addr).transfer(x)` because the 2300 gas stipend may not be enough for such calls, especially if it involves state changes that require a large amount of L2 gas for data. Instead, we recommend using `call`.

Instead of:

```solidity
payable(X).send // or
payable(X).transfer
payable(addr).send(x) // or
payable(addr).transfer(x)
```

Use instead:

```solidity
(bool s, ) = call{value: x}("");
(bool s, ) = addr.call{value: x}("");
require(s);
```

This converts the `send`/`transfer` functionality to `call` and [avoids potential security risks outlined here.](https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/).
This converts the `send`/`transfer` functionality to `call` and [avoids potential security risks outlined here.](https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/).

:::note Be aware of reentrancy
While `.call` offers more flexibility compared to `.send` or `.transfer`, developers should be aware that `.call` does not provide the same level of reentrancy protection as `.transfer`/`.send`. It's crucial to adhere to best practices like the checks-effects-interactions pattern and/or use reentrancy guard protection to secure your contracts against reentrancy attacks. It can help ensure the robustness and security of your smart contracts on the zkEVM, even under unexpected conditions.
:::


## Libraries

Expand Down
6 changes: 0 additions & 6 deletions docs/dev/fundamentals/interacting.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,12 +52,6 @@ In order to add the zkSync Era alpha mainnet network to your wallet, you will ne

5. Click "Save"

## Why are Metamask native contract interactions not working?

It is not currently possible to interact with zkSync Era smart contracts via Metamask with EIP-1559 transactions. zkSync Era does not support EIP1559 transactions.

**Solution.** Explicitly specify `{ type: 0 }` in transaction overrides to use Ethereum legacy transactions.

## zkSync Era Support

You can open a support ticket in `💻🧪│dev-support-beta` or ask any questions in `🖥│dev-general`
Expand Down