2

A contract after selfdestruct cannot manage transactions, and as such any ether sent to it is lost. Wouldn't be better to switch to a contract defined state "dismissed" and reject any ether sent by mistake when in such a state?

eth
  • 85,679
  • 53
  • 285
  • 406
Davide C
  • 896
  • 1
  • 9
  • 22
  • 2
    Check the accepted answer in https://ethereum.stackexchange.com/questions/315/why-are-selfdestructs-used-in-contract-programming .. It is generally good to use that option since it frees up space and as mentioned uses negative gas so you save on gas too – R.D Oct 01 '18 at 08:57

2 Answers2

2

In my opinion, no, self-destruct is usually not a good practice. As you say, it creates dangerous voids on the blockchain where:

  1. no one has a signing key,
  2. there is no contract code, and
  3. possibly users believe there is a contract there.

Any funds sent to such an address will be unrecoverable which is the same as destroyed.

A conscientious developer can completely disable a contract without creating such a void.

contract Pausable is Ownable {

  bool public isRunning;

  modifier onlyWhenRunning {
    require(isRunning);
    _;
  }

  function stopContract() public onlyOwner {
    isRunning = false;
  }
}

Check out OpenZeppelin for a more complete implementation of the pattern.

Hope it helps.

Rob Hitchens
  • 55,151
  • 11
  • 89
  • 145
  • Actually OpenZeppelin has a Destructible contract which calls selfdestruct(...) – Davide C Oct 02 '18 at 09:59
  • I'm not against using it with extreme caution such as in the context of upgradable contracts. What concerns me is using it as a standard operating procedure. It's often not the optimal solution. – Rob Hitchens Oct 07 '18 at 23:00
  • Thanks for sharing that much better code snippet. – whoff Nov 20 '20 at 03:21
-2

You can implement this functionality by yourself. You can implement a modifier before the selfdestruct instruction to check the quantity of ether owned by the contract. This way, the contract could be "destroyed" only if it does not own ether.

Itération 122442
  • 2,052
  • 1
  • 12
  • 33
  • I don't think this answers the question. The question was about best practice and what happens to sent Ether after the contract has been destroyed - own implementation doesn't help in this case. – Lauri Peltonen Oct 01 '18 at 08:32
  • True. But can we talk about good practice if the functionality described is the only one available? – Itération 122442 Oct 01 '18 at 08:36
  • Davide is saying something different: he thinks to leave a “reject ether” function in place, fully working, instead of self destruction. I can say that self destructing is useful to clean the blockchain, freeing space. If you restrict the functionality of a contract only, all the code space remains occupied... anyway I understand the point. – Rick Park Oct 01 '18 at 08:39
  • Ok, I got it, sorry for the misunderstanding. – Itération 122442 Oct 01 '18 at 09:26