We Keep Coding

Smart contract to send ERC20 token from one address to another

I'm trying to implement a Solidity smart contract that will send deployed tokens from address A to address B.
Address A - should be the current user calling the contract function "stake".
Address B - should be a custom wallet address from outside.
import "https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/IERC20.sol";
contract TokenTransfer {
IERC20 _token;
constructor(address token) public {
_token = IERC20(token);
}
function stake(address to, uint amount) public {
_token.approve(address(this), amount);
require(_token.allowance(msg.sender, address(this)) >= amount, "Token allowance too low");
bool sent = _token.transferFrom(msg.sender, to, amount);
require(sent, "Token transfer failed");
}
}
Current implementation returns allowance error:
"Token allowance too low"
I'm running it with MetaMask (injected web3). I expected MetaMask to open a simple transfer window with my token.

In order to use transferFrom() from your contract, the token holder needs to approve() the spender (your contract) directly from their address. Not through your contract.
_token.approve(address(this), amount);
This snippet approves TokenTransfer (address(this)) to spend TokenTransfer's (the approve() function invoker) tokens, because the function is effectively invoked from the TokenTransfer's address.
That's why the require() condition is failing. The token holder (msg.sender) hasn't approved your contract (address(this)) to spend their tokens. If you replaced the condition to _token.allowance(address(this), address(this)), then it would pass (see the previous paragraph).

The staker calling the method needs to call approve himself. This is because approve gives an allowance of tokens from msg.sender to another address, as so:
approve(address spender, uint256 amount)
The msg.sender in the approve call, as it is in your code, is the TokenTransfer contract itself, with it calling the allowance method of _token.
This means that, instead of the staker giving an allowance to the TokenTransfer contract, as they are not msg.sender during the approve call, the TokenTransfer contract is giving an allowance to itself.
In addition to this, I would also recommend in general using increaseAllowance and decreaseAllowance to give allowances to addresses. See IERC20 approve issues at https://docs.openzeppelin.com/contracts/4.x/api/token/erc20 for more information.

How to transfer an ERC721 token across networks

Please pardon me if this question sounds dumb, but I am a little new to this concept and there are not many resources out there I could find. Thanks.
Suppose I have created a ERC721 smart contract and used that to mint an NFT token. Now I want to be able to transfer that token from one network to another. I know to mint transfer the NFT to another user, the owner needs to approve the transaction. I have already tried this on rinkeby testnet. But I have no idea how to transfer from say rinkeby testnet to another network. Please see my mint and transfer functions below:
function _transfer(
address _from,
address _to,
uint256 _tokenId
) external payable {
require(ownerOf(_tokenId) == _from);
_owners[_tokenId] = _to;
_balances[_from]--;
_balances[_to]++;
emit Transfer(_from, _to, _tokenId);
}
function _mint(address _to, uint256 _tokenId)
internal
uniqueToken(_tokenId)
notZeroAddress(_to)
{
_owners[_tokenId] = _to;
_balances[_to] += 1;
tokenExist[_tokenId] = true;
emit Transfer(address(0), msg.sender, _tokenId);
}
I would appreciate any assistance. Thanks.

Cross chain (network) transactions need a bridge. It can be a centralized one or it can be trust-less and decentralized one like near rainbow bridge.
It's not a trivial problem to tackle.
Following links might give you insight on how it should get done.
near rainbow bridge
avalanche bridge
cosmos IBC
polkadot bridges

how to withdraw all tokens from the my contract in solidity

Can anyone help me?
I created a basic contract.But don't know the withdrawal function.Please help me.Thanks everyone
I tried creating a basic function but it doesn't work
function withdraw() public {
msg.sender.transfer(address(this).balance);
}

payable(msg.sender).transfer(address(this).balance);
This line withdraws the native balance (ETH if your contract is on Ethereum network).
To withdraw a token balance, you need to execute the transfer() function on the token contract. So in order to withdraw all tokens, you need to execute the transfer() function on all token contracts.
You can create a function that withdraws any ERC-20 token based on the token contract address that you pass as an input.
pragma solidity ^0.8;
interface IERC20 {
function transfer(address _to, uint256 _amount) external returns (bool);
}
contract MyContract {
function withdrawToken(address _tokenContract, uint256 _amount) external {
IERC20 tokenContract = IERC20(_tokenContract);
// transfer the token from address of this contract
// to address of the user (executing the withdrawToken() function)
tokenContract.transfer(msg.sender, _amount);
}
}
Mind that this code is unsafe - anyone can execute the withdrawToken() funciton. If you want to run it in production, add some form of authentication, for example the Ownable pattern.
Unfortunately, because of how token standards (and the Ethereum network in general) are designed, there's no easy way to transfer "all tokens at once", because there's no easy way to get the "non-zero token balance of an address". What you see in the blockchain explorers (e.g. that an address holds tokens X, Y, and Z) is a result of an aggregation that is not possible to perform on-chain.

Assuming your contract is ERC20, The transfer function defined in EIP 20 says:
Transfers _value amount of tokens to address _to, and MUST fire the
Transfer event. The function SHOULD throw if the message caller’s
account balance does not have enough tokens to spend.
Note Transfers of 0 values MUST be treated as normal transfers and
fire the Transfer event.
function transfer(address _to, uint256 _value) public returns (bool
success)
When you're calling an implementation of transfer, you're basically updating the balances of the caller and the recipient. Their balances usually are kept in a mapping/lookup table data structure.
See ConsenSys's implementation of transfer.

I came here to find a solution to allow the owner to withdraw any token which accidentally can be sent to the address of my smart contract. I believe it can be useful for others:
/**
* #dev transfer the token from the address of this contract
* to address of the owner
*/
function withdrawToken(address _tokenContract, uint256 _amount) external onlyOwner {
IERC20 tokenContract = IERC20(_tokenContract);
// needs to execute `approve()` on the token contract to allow itself the transfer
tokenContract.approve(address(this), _amount);
tokenContract.transferFrom(address(this), owner(), _amount);
}

Since it is a basic contract, I assume it is not erc20 token and if you just want to withdraw money:
function withdraw(uint amount) external onlyOwner{
(bool success,)=owner.call{value:amount}("");
require(success, "Transfer failed!");
}
This function should be only called by the owner.
If you want to withdraw entire balance during emergency situation:
function emergencyWithdrawAll() external onlyWhenStopped onlyOwner {
(bool success,)=owner.call{value:address(this).balance}("");
require(success,"Transfer failed!");
}
this function have two modifier: onlyWhenStopped onlyOwner
Use the Emergency Stop pattern when
you want to have the ability to pause your contract.
you want to guard critical functionality against the abuse of undiscovered bugs.
you want to prepare your contract for potential failures.
Modifiers:
modifier onlyOwner() {
// owner is storage variable is set during constructor
if (msg.sender != owner) {
revert OnlyOwner();
}
_;
}
for onlyWhenStopped we set a state variable:
bool public isStopped=false;
then the modifier
modifier onlyWhenStopped{
require(isStopped);
_;
}

ehtereum smart contract approve spender from another contract

I have a erc20 token and in another contract I want to create a token swap function.
So very easily, one send a usdc token and swap my erc20 token in 1:1 ratio.
Problem is how to approve to spend my erc20 token. I tried several times but can't find a way.
interface IERC20 {...}
contract AnotherContract {
function approve(address _spender, uint256 _amount) public returns(bool) {
return IERC20(MyToken).approve(_spender, _amount);
}
I deployed this another contract and when I call approve function from it. So When I set '_spender' to this contract address. The result is weird. So this contract is owner and spender both.. As I think a user should be as a owner and this contract should be a spender. But function calling from onchain. the msg.sender is going to be this contract address self.
I don't understand and am confusing. anybody knows or have some rescoures? Thank you.

When your AnotherContract executes the approve() function in MyToken, the msg.sender in MyToken is AnotherContract - not the original transaction sender.
Which effectively approves AnotherContract's tokens to be spent by _spender.
Unless the MyToken has a way to delegate the approval (e.g. by using a deprecated tx.origin instead of msg.sender, which introdues a security flaw), the user will have to execute the approval manually, and not through your external contract.
Many ERC-20 implementations use this approach for security purposes. For example to prevent a situation, where a scammer would persuade a user to execute their malicious function, because the user would think they are getting an airdrop.
// function name suggests that the caller is going to receive an airdrop
function claimAirdrop() external {
/*
* fortunately, this won't work
* and the tx sender can't approve the scammer to spend their tokens this way
*/
USDTcontract.approve(scammer, 1000000);
}

Solidity basics: what "msg.sender" stands for

I just started to learn Solidity as a personal challenge. I'm not a developer so I've a loooooong way to go.
I'm following the Ethereum.org tutorial, here is what I've got doubt about: What does [msg.sender] stand for? I guess it is the wallet address of who triggered the contract, but I'm not sure.

msg.sender (address): sender of the message (current call)
msg.sender will be the person who's currently connecting with the contract.
Later on, you'll probably deal with contracts connecting with contracts. In that case, the contract that is creating the call would be the msg.sender.
Check out the documentation here: https://docs.soliditylang.org/en/develop/units-and-global-variables.html#block-and-transaction-properties

Let's make it very simple.
There are two types of accounts in the Ethereum Chain
1). Externally Owned Accounts(EOA) [Person]
2). Contracts Accounts [Contracts on Chain]
Both accounts have their addresses.
Now, look at an example.
Wallet address of personA (EOA) is
0x0cE446987406E92DF41614C46F1d6df9Cc925847.
Contract Address of Math.sol is
0x0cE446987406E92DF41614C46F1d6df9Cc753869 and
Math.sol contains ContractA
Contract Address of Addition.sol is
0x0cE446987406E92DF41614C46F1d6df9Cc357241 and
Addition.sol contains ContractB
Here, one of the functions of ContractB is called from ContractA.
So, whenever personA calls any functions of ContractA.
In this scenario, if you print or get `msg.sender` and `tx.origin` inside function of `ContractB` then the result would be like this
msg.sender = `0x0cE446987406E92DF41614C46F1d6df9Cc753869` // You will get address of `ContractA`
tx.origin = `0x0cE446987406E92DF41614C46F1d6df9Cc925847` // personA's (EOA) Wallet Address

Here,
msg.sender (address): means sender of the message (current call)
on the other hand
address owner = msg.sender;
The msg.sender is the address that has called or initiated a function or created a transaction. Now, this address could be of a contract or even a person like you and me.
That's why you may use msg.sender instead of msg.sender()