NoBey/openzeppelin-contracts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Address: explain dangers of isContract (#2994)

Browse Source 
Co-authored-by: Ivo Georgiev <ivo@strem.io>
This commit is contained in:
Francisco Giordano
2021-12-08 20:10:40 -03:00
parent 8ef7655e7b
commit 04109f8bee
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
contracts/utils/Address.sol
View File

@ -23,6 +23,15 @@ library Address {
* - an address where a contract will be created * - an address where a contract will be created
* - an address where a contract lived, but was destroyed * - an address where a contract lived, but was destroyed
* ==== * ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/ */
function isContract(address account) internal view returns (bool) { function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in // This method relies on extcodesize, which returns 0 for contracts in