Smart Contract Security - Fallback and Receive

Support

_Follow along with the video_ --- In the world of Solidity smart contracts, it's important to understand the fallback and receive functions. By default, Solidity smart contracts reject any Ether (ETH) sent to them. In order to enable your contract to accept ETH, we would implement `fallback` and `receive` functions. Let's look at these more closely. ## What are the Fallback and Receive functions? These two specific functions - `fallback` and `receive` - enable a contract to accept and react to native ETH sent to it. Both these functions can be made "**external payable**", indicating that they can receive and handle ETH. So, how do they function? Here's the core logic to give you a better understanding: ::image{src='/security-section-1/9-fallback-receive/fallback-receive1.png' style='width: 30%; height: auto;' alt='block fee' figureStyle='display: flex; justify-content: center;'} To put it simply, consider the case of sending ETH to a smart contract without any data. In such an instance, the `receive` function would be called, resorting to `fallback` if the `receive` function does not exist. On the other hand, if there _is_ data, Solidity will skip straight to the `fallback` function, bypassing the `receive` function entirely. ## Default Settings in Solidity It is worthwhile to note that the `fallback` function may or may not be payable. If the contract lacks a `receive` function and the `fallback` function isn't payable, then the `fallback` function won't be called when you send ETH to the contract. ```js fallback() external{} receive() external payable {} ``` By the same token, a contract that does not contain any of these functions will reject any ETH sent to it. In fact, Solidity will automatically compile this contract to reject ETH - with at least one notable exception we'll go over later. ## Deepening Understanding: Encoding The next lesson is a clip you might remember from the Foundry Course. We're going to go over encoding and explain how it can be used to call any function on any contract from another contract. Let's do it.

Fallback and Receive

Learn about the fallback and receive functions in Solidity. Investigate how these functions influence smart contract functionality.

Solidity Developer

Smart Contract Security

Course Introduction

Duration: 25min

Section 1: Review

Duration: 1h 18min

1. Tooling Prerequisites

This lesson provides an overview of the essential tools required for Solidity and Smart Contract development. It includes a guide to text editors like Visual Studio Code and VSCodium, and an introduction to frameworks such as Foundry, alongside compatibility tips for different operating systems. It also highlights the importance of AI tools like Find and ChatGPT in the development process. Duration: 4min

2. Solidity Prerequisites

Review the prerequisites for the Security and Auditing course, including skills like using Remix and Foundry. Duration: 4min

3. Fuzzing and invariants

Explore the concepts of fuzz testing and invariant testing in Solidity. This lesson explains how fuzz testing can help uncover unexpected application failures, and dives into the practice of testing invariants, or properties that always hold true, in smart contracts. Duration: 10min

4. Installing Libraries

Learn to use OpenZeppelin for ERC20 token integration, including installation and contract creation. Insights into ERC-721 as well. Duration: 3min

5. What is an ERC20?

introduction to ERC-20 tokens, their functionality, and applications. Learn ERC-20 basics like token creation and use cases. Duration: 2min

6. What is an ERC721?

What is an NFT? Learn the role of ERC-721 in representing unique digital assets on the blockchain. Duration: 6min

7. Advanced Solidity Prerequisites

Learn advanced concepts in Solidity, focusing on storage in smart contracts. Delve into how storage works and the role of constants and immutables. Duration: 2min

8. Storage

Gain a comprehensive understanding of storage in Solidity. This lesson covers global variables, the storage data structure, handling dynamic variables, and the role of constant and immutable variables. It also explains the use of the 'memory' keyword for efficient data management. Duration: 5min

9. Fallback and Receive

Learn about the fallback and receive functions in Solidity. Investigate how these functions influence smart contract functionality. Duration: 2min

10. ABI encode

This lesson focuses on ABI (Application Binary Interface) encoding in Solidity, explaining its role in concatenating strings and encoding data into binary. It provides insights into the process of compressing binary data and techniques for multiple data encoding. Duration: 23min

11. Encoding Functions

Learn about ABI encoding and how it's used in the context of low level function calls in Ethereum. Duration: 6min

12. Upgradeable contracts

Explore the design of upgradeable smart contracts using Proxy and Delegate Call. This lesson covers the functionality, applications, and coding techniques of these concepts, crucial for managing contract upgrades while preserving the contract's state. Duration: 1min

13. Self Destruct and Review

Understand the use and implications of the selfdestruct keyword in Solidity. This lesson explains how selfdestruct can remove contracts and force ETH into specified addresses, a unique behavior with significant impact on contract functionality and security. Duration: 10min

Section 2: What is a smart contract audit

Duration: 35min

Section 3: Your First Audit | PasswordStore

Duration: 2h 28min

Section 4: Puppy raffle

Duration: 5h 03min

Section 5: TSwap

Duration: 5h 22min

Section 6: Thunder Loan

Duration: 4h 33min

Section 7: Boss Bridge

Duration: 2h 01min