10

Since contract code can possibly live forever once deployed, what are some best practices or patterns to use in Smart Contract development to prevent the potential for unintended loss of Ether or loss of owner control of the contract?

For example, should contract code always include a suicide call to return funds to the owner?

eth
  • 85,679
  • 53
  • 285
  • 406
dbryson
  • 6,403
  • 2
  • 27
  • 37

2 Answers2

5

I have begun collecting best practices at the following URL: http://vessenes.com/we-need-some-best-practices-for-smart-contracts/

In brief, though, I suggest you should at least think through having the following functions / state changes accounted for:

  • Copyright
  • License
  • Contact
  • Birth
  • (Natural)Death
  • UnexpectedBug
  • MostRecentVersionAddress
  • VersionUpgrade
  • Deprecate
  • Pause/Unpause
  • NewOwner
  • Whitelist

Another one to be aware of is that send's can fail. Test them (they return bool), and do something about it if there's a failure.

Peter V
  • 151
  • 2
0

Yes, always have ownership of your contracts and they must have the suicide method modified to return the founds to the owner. That are the most important things and of course always be careful of the amount of data that you store on your contracts, you dont want to store unnecessary data on the blockchain.

try to always use this function on your contracts(if they are just simple contracts for testing):

function kill() { if (msg.sender == owner) suicide(owner); }
AugustoL
  • 215
  • 2
  • 7
  • I would say this is a bad idea. Why should all the funds go back to the owner/maintainer of the contract? – Thomas Bertani May 19 '16 at 16:37
  • Why not? if the owner is the one who payed for the deployment of the contract. But is your choice! you can the founds to wherever you want on the destruction of the contract. What do you don on the contracts destruction @ThomasBertani ? – AugustoL May 19 '16 at 16:41
  • Think about "The DAO" or many others.. sometimes there is no author or the author shouldn't be able to move funds. I would say a multisig owner is the bare minimum, but regardless that.. I wouldn't suggest to "always use the above function", might generate some misunderstanding! – Thomas Bertani May 19 '16 at 16:46
  • You are right! I edited the answer, I hope now its better, if you have any suggestion let me know. – AugustoL May 19 '16 at 16:51