Solidity ERC-20 Payments – How to Validate Payments into a Contract

erc-20paymentssolidity

I'm writing a smart contract that will do something as long as the user requesting that feature has paid the correct amount. If the amount is in ETH, I can easily do that with a simple require statement like this:

function doSomething() public payable {
    require(msg.value == 1 ether);  // make sure they paid
    // if they paid, proceed with the action
}

However, if I want to accept other ERC-20 tokens instead of ETH, I am not sure how I would be able to do that inside my contract (i.e. without running my own separate server listening to the blockchain and teasing out individual transactions).

Since all ERC-20 token transfers happen inside the contract for the specific token (and not inside the methods of my smart contracts), how would my contract know or validate that:

The correct amount has been transferred.
The amount was transferred from address A.
The amount was transferred to address B.

Where A is my smart contract, and B is the user.

Best Answer

Some ERC20 tokens have the approve and transferFrom functions. In those cases you can have the user approve some tokens to your contract. Then, they can call a function in your contract which will call transferFrom on the token contract.

This requires the user to execute at least two transactions: one to call approve on the token contract, and one to call a function in your contract which in turn will call transferFrom on the token contract.

If the ERC20 token does not have approve and transferFrom, you need a separate server to listen to the blockchain and call your contract.

ERC20 is quite poorly thought out in my opinion, and it was not designed to handle this situation. That's why there are other token standards, such as ERC223: https://github.com/Dexaran/ERC223-token-standard

If ERC223 tokens are transferred to your contract, the token contract will call the tokenFallback function in your contract. This enables the transferal, verification and your contract logic to happen within 1 transaction.

Related Solutions

ERC-20 – How to Accept ERC-20 Tokens as Payment

You can use events which are a part of the ERC20 definition to keep track of payments. The Transfer event is triggered when someone makes a payment. So you need to listen for Transfer events where the _to parameter matches your recipient address.

Transfer(address indexed _from, address indexed _to, uint256 _value)

You may still have the problem of two customers buying the same product at the same time which would make it impossible to differentiate who has paid and who has not paid. If you do not want to use separate receiving accounts for each payment, you can use separate amounts for each payment: You could cycle through different values at the least significant digits (1-3 digits) of the amount (the smallest possible values usually are not worth anything). You could also cycle through various payment addresses, thus having only ten or one hundred payment addresses that you receive on, making sure that only one is in use at a time.

You could even use a combination of these two strategies to all but eliminate the risk of a "payment collision" where you are unable to differentiate between two payment requests.

ERC-20 – How to Receive ERC20 Tokens in Smart Contract?

Try this:

//SPDX-License-Identifier: MIT
pragma solidity 0.8.0;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

contract Orders is Ownable {
  uint256 public counter;
  address token;

  constructor(address _token) {
    token = _token;
  }

  function deposit(uint _amount) public payable {
    // Set the minimum amount to 1 token (in this case I'm using LINK token)
    uint _minAmount = 1*(10**18);
    // Here we validate if sended USDT for example is higher than 50, and if so we increment the counter
    require(_amount >= _minAmount, "Amount less than minimum amount");
    // I call the function of IERC20 contract to transfer the token from the user (that he's interacting with the contract) to
    // the smart contract  
    IERC20(token).transferFrom(msg.sender, address(this), _amount);
    counter = counter + 1;
  }

  // This function allow you to see how many tokens have the smart contract 
  function getContractBalance() public onlyOwner view returns(uint){
    return IERC20(token).balanceOf(address(this));
  }
}

NOTE: Remember to approve the smart contract to spend your tokens.

Best Answer

Related Solutions

ERC-20 – How to Accept ERC-20 Tokens as Payment

ERC-20 – How to Receive ERC20 Tokens in Smart Contract?

Related Topic