
Scanning Live Ethereum Contracts for the “Unchecked-Send” Bug - jackgavigan
http://hackingdistributed.com/2016/06/16/scanning-live-ethereum-contracts-for-bugs/
======
a1k0n
Having to manually inspect the call stack depth as a best practice seems like
a design flaw... why doesn't send() itself throw an exception? And does an
exception roll back the entire contract or would it leave it half executed?

~~~
socrates1024
It would be a good idea for Solidity to properly support exceptions, this
would probably simplify things a lot.

Right now solidity has exceptions, but no way to 'catch' them. Ordinary
function calls automatically propagate exceptions when there's a problem. But,
unintuitively, `send` behaves differently.

It would be trivial to modify `send` in Solidity so that it automatically
throws an exception, like in Listing 3. But that's also often an anti-pattern,
since it would allow the 'loser' to prevent the 'winner' from ever getting the
money back. Sometimes it's important to keep on executing even if the `send`
fails.

So once Solidity supports `catch`, that would help.

------
CoolGuySteve
Maybe a metalanguage or lint is required that forces unchecked exceptions as
errors and adds more strictness. i.e.: checks things that are not relevant to
the contract terms but are relevant to its correctness.

~~~
nemild
I think it's likely that over time many changes will happen (first a blog post
like this noting the issue, then a linter, then libraries that are safer, and
then potentially language changes to reduce the risk of the most egregious
mistakes).

Programming smart contracts will also require a different mindset than general
programming, since modifying code on the blockchain is much harder than your
own app.

