The EVMs execute-on-transfer problem and non-payable contractsThis week (month/year?) in EVM design annoyance posts, I want to talk about the false concept the EVM and Solidity gives for non-payable contracts and one of the bigger attack vectors for smart contracts that is near impossible to fix. For reference, the EVM is what makes Ethereum, Qtum, and probably a few other blockchain contracts work. Basically if youre writing Solidity, youre using the EVM. For this article, Ill just assume its all about Ethereum and use ETH as the main-chain currency. This equally applies when using QTUM as the main-chain currency or any other.
For the uninitiated, the EVM doesnt really expose a general purpose interface for transferring Ethereum without potentially executing some contract code (and thus the transfer failing/throwing an exception)
however, there do exist more difficult to use ways of forcing a contract to accept ETH.
https://blog.qtum.org/the-evms-execute-on-transfer-problem-and-non-payable-contracts-c652b37c8057