Smart Contracts: validate_recipients should validate more things

[bchamagne]

I used to think that as long as the contract execute and the transaction's condition pass, we should accept the trigger transaction.

But since the users actually send assets to the contract, the contract must work. Otherwise the assets are lost. So we pretty much need to validate everything that is done during the validation of a transaction during the validation of the recipients.

Such as:

• validate if sufficient funds
• validate inherit's condition as well
• validate transaction's size

[samuelmanzanera]

Does it mean a transaction will be refused because the contract did not properly handled let's say transaction size ?

It's can be interesting but a bit controversial

[Neylix]

Does it mean a transaction will be refused because the contract did not properly handled let's say transaction size ?

It's can be interesting but a bit controversial

In some way the user transaction should not validate the SC transaction as the user chain is not responsible of the SC chains. But in other way, the user expect a specific output from the SC to be validated. So if the SC transaction fail, this is not what the user expected, and by consequence what the user transaction expected

[samuelmanzanera]

I'm not against as long the check remains restricted and minimal and will not create additional computational or network power, and as you mentioned the responsibility should be maintained towards the SC chain but avoid fund losses.