3.42 Handling Ether

Let's now talk about another fundamental aspect of smart contracts and Ethereum which is the way they handle Ether. Contracts that accept, manage or transfer Ether should take care of several things.

• They should ensure that functions handling Ether are using msg.value appropriately, remember that msg.value is a global variable in the context of a transaction which, for example when used or accounted multiple times (say inside loops) have led to critical vulnerabilities.

• They should ensure that logic that depends on Ether value accounts for either less or more Ether set via payable functions.

• Logic that depends on contract Ether balance, accounts for the different direct or indirect ways of receiving Ether such as coinbase transaction or selfDestruct recipient that we have discussed earlier.

• Logic that handles withdrawal balance and transfers does so correctly in any accounting logic.

• Transfers should be reentrancy safe.

• Ether can't accidentally get locked within a contract.

Functions handling Ether should also be checked extra carefully for access control input validation and error handling all these various aspects of Ether handling should be reviewed for correctness.