Luke Hutchison

Please go ahead, thanks. You can close this PR whenever somebody writes something better!

Beyond all the over-engineering, the biggest issue with ERC777 is that it is insecure as defined, because the sender notification interface is called before state is updated: #3463 @Amxx I...

> > ERC1363 does not allow sending to EOAs or using an EOA as the spender/operator > > Where do you get that from? AFAIK this is not true. From...

Yes but look at the reference implementation. It cannot send to EOAs, or allow EOAs to act as spender. Therefore, it's clear that the total omission of any mention of...

> > One of the primary reasons for the existence of ERC777, ERC1363, ERC4524, etc. is to prevent tokens being sent to contracts that do not know what to do...

> (Also the reference implementation could technically be wrong, it does not replace the specs) The specs are simply ambiguous. They do not even address the issue of what happens...

When I look to implement a spec, I take the combination of the spec plus the reference implementation as the standard (particularly if the reference implementation was written by the...

@frangio edited, sorry.

@frangio Exactly, the EIP does not mention EOAs at all, or even hint at what should be done for EOA recipients or spenders. And the statement that you found is...

Correct, to prevent sending to EOA you have to do ``` require(account.code.length > 0, "Can't send to EOA"); ``` (Although that also prevents sending to contracts whose constructors have not...