Protect against beneficiaries that are smart contracts (#5790)

### Description beneficiaries that cannot call functions on the `ReleaseGold` smart contracts might cause loss of funds. This adds a check in a script to highlight if a beneficiary is a smart contract itself which likely means that a wrong address was copied ### Tested - Not tested ### Related issues - Fixes #5452
celo-org · Nov 12, 2020 · b5811a7 · b5811a7
1 parent 5d34812
commit b5811a7
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/packages/protocol/scripts/truffle/deploy_release_contracts.ts b/packages/protocol/scripts/truffle/deploy_release_contracts.ts
@@ -89,6 +89,20 @@ async function handleGrant(config: ReleaseGoldConfig, currGrant: number) {
     '0x000000000000000000000000000000000000ce10',
   ]
 
+  const bytecode = await web3.eth.getCode(config.beneficiary)
+  if (bytecode !== '0x') {
+    const response = await prompts({
+      type: 'confirm',
+      name: 'confirmation',
+      message: `Beneficiary ${config.beneficiary} is a smart contract which might cause loss of funds if not properly configured. Are you sure you want to continue? (y/n)`,
+    })
+
+    if (!response.confirmation) {
+      console.info(chalk.yellow('Skipping grant due to user response'))
+      return
+    }
+  }
+
   const message =
     'Please review this grant before you deploy:\n\tTotal Grant Value: ' +
     Number(config.numReleasePeriods) * Number(config.amountReleasedPerPeriod) +
@@ -108,6 +122,7 @@ async function handleGrant(config: ReleaseGoldConfig, currGrant: number) {
       ? '\n\tDebug: Contract init args: ' + JSON.stringify(contractInitializationArgs)
       : '') +
     '\n\tDeploy this grant? (y/n)'
+
   if (!argv.yesreally) {
     const response = await prompts({
       type: 'confirm',