Enhancing Security with receive() and fallback() in Ethereum Contracts (Part-1)


INTRODUCTION

Hey everyone, I am back with a new article about the receive and fallback functions. I will explain everything about these two functions in simple wording.

RECEIVE FUNCTION

In short, if we create a receive function in our contract, the contract can receive ether. You might be thinking that we can do the same thing by making one of our functions payable, so what is special about the receive function? That is a very good question, and I am writing this article to clear up exactly that doubt.

Let's first create a contract that receives ether.

//SPDX-License-Identifier: MIT
pragma solidity > 0.5.0 < 0.9.0;

contract normal{
    // Accepts ether only when this function is called by name.
    function receiveEth() public payable {}
}

The above contract simply accepts ether when someone sends it by calling the "receiveEth" function, and the received amount is added to the contract's balance. In the example run, 10 ether was added to the contract balance.

But there is one problem with this contract. If someone uses our UI, or another contract, to call the receiveEth function and send ether to our contract, everything works. But suppose a person named "Roy" tries to transfer ether from a wallet and pastes our contract address into the "send to" field. Then there is a problem. What is it? Let's see by doing it. I am going to copy the address of this contract, open my MetaMask and try to send ether. Before that, I need to deploy the contract on a test network so I can interact with it.

First I need to connect my MetaMask to Remix IDE. To do that, go to the "Deploy & Run Transactions" section. At the top you can see the Environment dropdown. Click on it and select the Injected Provider - MetaMask option.

After that, MetaMask pops up. Select the test network on which you want to deploy your smart contract. In my case I'm connecting MetaMask to the Sepolia test network.

Once connected, scroll down to find the Deploy button in Remix IDE.

First, compile your contract with Ctrl+S, or go to the Solidity compiler section and press the Compile button. Then come back to the deploy section and press the Deploy button. You will see another MetaMask popup asking you to confirm the transaction.

Press the Confirm button and your contract is deployed to the Sepolia test network. After that, copy the address of the deployed contract and open MetaMask or whatever wallet you have. Below your account address you can see the Send button. Click on it and paste the contract address.

Press the Confirm button. After that, you see the transaction fail. This is the problem I'm talking about.

In conclusion, if someone tries to send ether directly from a wallet and your contract doesn't have a receive function, the transaction fails and the ether is not transferred to the contract address. To prevent this problem we need to create a receive function. If our contract has a receive function, it can receive ether sent this way. Let's do it with the receive function.

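//SPDX-License-Identifier: MIT
// receive() was introduced in Solidity 0.6.0, so 0.5.x compilers are excluded.
pragma solidity >= 0.6.0 < 0.9.0;

contract Enhanced{
    // Accepts ether when called by name.
    function receiveEth() public payable {}
    // Runs when ether arrives with empty calldata, e.g. a plain wallet transfer.
    receive() external payable {}
}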

When you create a receive function, keep in mind that it must have external visibility, because we are not able to call this function from inside the contract. If someone sends ether from outside, for example from a wallet, without calling the receiveEth function (that is, with empty calldata), the receive function is triggered and the contract can receive the ether. It is marked payable because it accepts ether. Let's deploy the contract again using the same steps as above. After that, copy the address of the newly deployed contract and try to send ether again using the same steps.

Now you can see that the transaction is confirmed.

As you can see, our contract now has a balance of 0.00001 ETH. I hope you now understand why we use the receive function. If you have any doubts, you can ask me. This article is already too long, so we will talk about the fallback function in the next article. Stay tuned.
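The wallet experiment above can also be reproduced entirely inside Remix, without MetaMask. The following is an added example, not code from the original article; the contract names NoReceive, WithReceive and PlainSender, their functions and their events are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0 <0.9.0;

// Same shape as the article's first contract: payable function, no receive().
contract NoReceive {
    function receiveEth() public payable {}
}

// Same shape as the article's second contract, plus an event for auditing deposits.
contract WithReceive {
    event Received(address indexed from, uint256 amount);

    function receiveEth() public payable {}

    // Keep this body small: transfer() and send() forward only 2300 gas,
    // so heavy logic here makes such transfers fail.
    receive() external payable {
        emit Received(msg.sender, msg.value);
    }
}

// Hypothetical helper that sends ether the two ways the article compares.
contract PlainSender {
    event Sent(address indexed target, bool emptyCalldata, bool ok);

    // Sends msg.value with EMPTY calldata, like a wallet "Send".
    function plainSend(address target) external payable returns (bool ok) {
        (ok, ) = target.call{value: msg.value}("");
        if (!ok) {
            // The target rejected the ether: return it so it is not stuck here.
            (bool refunded, ) = payable(msg.sender).call{value: msg.value}("");
            require(refunded, "refund failed");
        }
        emit Sent(target, true, ok);
    }

    // Sends msg.value by calling the payable function by name.
    function namedSend(address target) external payable returns (bool ok) {
        (ok, ) = target.call{value: msg.value}(abi.encodeWithSignature("receiveEth()"));
        require(ok, "receiveEth call failed");
        emit Sent(target, false, ok);
    }
}
```

Deploy all three in the Remix VM: plainSend to the NoReceive address logs ok = false and refunds the caller, while the same call to WithReceive logs ok = true together with a Received event. namedSend succeeds against both contracts.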

In the end, thank you for reading this article. Keep reading, keep learning and keep growing.