Ethereum Solidity code is used for writing smart contracts in Ethereum and a feature is called SelfDestruct. This is basically a function, that has existed in the Ethereum protocol since 2013. We are diving into Self Destruct and the problems with it.
What does Self Destruct do?
Self Destruct is written as SelfDestruct in the Solidity code. SelfDestruct can be used to dynamically update code, or delete code. A problem with SelfDestruct is no permission is needed for someone else to use it to update your code or delete code from an external contract. You also don’t have to use SelfDestruct within your code, as there are at least two other functions that can be used in an external contract for you to run it. Those functions are DelegateCall and CallCode, which are used a lot. No authentication or form of consent is needed for external contracts to modify your contract.
Someone can write a separate Ethereum Smart Contract written in Solidity that can interact with your Smart Contract. The other Smart contact can steal eth, delete the contract, updating the contract, or alter it. We wrote about stopping Ethereum contracts from being able to interact with your contract in our OnlyOwner article.
Some contracts need to interact with other contracts, which introduces a re-entrancy attack, unless it is secured. Securing against re-entrancy attack can be simple or complex, depending on how your code is written. These are just a few things that you want your smart contract secured against.
SelfDestruct is not the only function that can be used to modify another smart contract, but it is the one we are focusing on today. The creator of Ethereum looking back, wouldn’t have added SelfDestruct and they’re looking at a way to remove it, or make it not as much of a threat as it is now.
Smart Contracts can be written as secure as humanly possible, though based on what we discussed above, it is clear that the Ethereum blockchain is not in any form an immutable blockchain.
If you are writing a smart contract and need help, you can hire us, or contact us. You can also tweet us.