WINTΞR 💙💛
Mar 14, 2022, 8 tweets, 4 min read
Best practices when handling payments 💸 in NFT contracts #solidity
Pull, don't push.
* If you forward ether payments from your mint function, it makes minting more expensive.
* If your contract gets some Ether without triggering the mint function, these funds will be lost forever.

Instead, make a function that transfers you the full balance.
Note that the withdrawAll function isn't marked as onlyOwner. Anyone can call it. This lets you set up automation (e.g. via Infura or OZ Defender) that doesn't depend on your private keys.
While you are here, it's also a good idea to include a function that does the same but for any ERC20 token.

There are plenty of ways your contract can get these, and it would be unfortunate to lose thousands of dollars by not implementing this simple function.
Always check for the exact payment value.

I used msg.value > X ether in my first NFT contract, and it caused a lot of headaches. Some users minted from Etherscan's UI and miscalculated the proper value, and then chased me asking for a refund (which I did). Not fun.
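The three tips above (pull instead of push, a permissionless withdrawAll, an ERC20 sweep, and an exact payment check) combined in one contract. This is an added example, not the code from the thread's images; the contract name, `PRICE`, `beneficiary` and the simplified `ownerOf` mapping are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC20 surface needed for sweeping tokens (standard ERC20 functions).
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

// Illustrative contract: names, PRICE and the beneficiary are assumptions.
contract PullPaymentMint {
    uint256 public constant PRICE = 0.05 ether; // constructed sample price
    address payable public immutable beneficiary; // fixed payout address, e.g. a team multisig
    uint256 public totalMinted;
    mapping(uint256 => address) public ownerOf; // stand-in for a real ERC721

    error WrongPayment(uint256 sent, uint256 expected);
    error TransferFailed();

    constructor(address payable beneficiary_) {
        beneficiary = beneficiary_;
    }

    // Accept plain ether transfers so they land in the balance and can be withdrawn.
    receive() external payable {}

    function mint(uint256 quantity) external payable {
        // Exact match: over- and underpayment both revert, so no refunds are needed.
        uint256 expected = PRICE * quantity;
        if (msg.value != expected) revert WrongPayment(msg.value, expected);
        // No ether is forwarded here; it stays in the contract until withdrawAll.
        for (uint256 i = 0; i < quantity; i++) {
            ownerOf[++totalMinted] = msg.sender;
        }
    }

    // Callable by anyone: funds can only go to the fixed beneficiary.
    function withdrawAll() external {
        (bool ok, ) = beneficiary.call{value: address(this).balance}("");
        if (!ok) revert TransferFailed();
    }

    // Same idea for any ERC20 the contract holds (e.g. royalties paid in tokens).
    function withdrawAllERC20(IERC20 token) external {
        uint256 amount = token.balanceOf(address(this));
        // Tokens that return no value (non-standard) need a safe-transfer wrapper instead.
        if (!token.transfer(beneficiary, amount)) revert TransferFailed();
    }
}
```

Because the payout address is fixed at deployment, leaving `withdrawAll` and `withdrawAllERC20` open to any caller gives that caller no way to redirect funds.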
Royalties (IERC2981) are a good idea, but there are some gotchas. The payment token can be anything, so make sure the royalties receiver is either the owner or the contract has a way to extract ERC20s. Here's an example where funds got locked forever
Here's how we are implementing royalties support for @watchfacesworld. Note that we can upgrade the royaltyInfo in the future by supplying a new implementation. This is cool because we could offer our holders some royalties (no promises 😅), without locking the logic now.
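One way a replaceable royaltyInfo can be structured, as an added example that is not the @watchfacesworld contract from the image: the contract answers ERC-2981 queries itself by default and delegates to a separate implementation once the owner sets one. The contract name, `royaltyImpl`, `setRoyaltyImpl`, the owner handling and the 5% default are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// ERC-2981 royalty interface (function signature from the standard).
interface IERC2981 {
    function royaltyInfo(uint256 tokenId, uint256 salePrice)
        external view returns (address receiver, uint256 royaltyAmount);
}

// Illustrative: contract name, owner handling and the 5% default are assumptions.
contract SwappableRoyalties is IERC2981 {
    address public owner;
    IERC2981 public royaltyImpl; // zero address means "use the default below"
    uint256 public constant DEFAULT_BPS = 500; // constructed sample: 5%

    event RoyaltyImplChanged(address indexed previous, address indexed current);

    constructor() {
        owner = msg.sender;
    }

    // Owner can point royalty logic at a new contract later.
    function setRoyaltyImpl(IERC2981 impl) external {
        require(msg.sender == owner, "not owner");
        emit RoyaltyImplChanged(address(royaltyImpl), address(impl));
        royaltyImpl = impl;
    }

    function royaltyInfo(uint256 tokenId, uint256 salePrice)
        external view override returns (address receiver, uint256 royaltyAmount)
    {
        if (address(royaltyImpl) != address(0)) {
            return royaltyImpl.royaltyInfo(tokenId, salePrice);
        }
        // Default: pay the owner, an account that can move any ERC20 it receives.
        return (owner, (salePrice * DEFAULT_BPS) / 10_000);
    }

    // ERC-165 so marketplaces can detect ERC-2981 support (0x2a55205a).
    function supportsInterface(bytes4 interfaceId) external pure returns (bool) {
        return interfaceId == type(IERC2981).interfaceId || interfaceId == 0x01ffc9a7;
    }
}
```

Any implementation set later should return a receiver that can actually move ERC20 tokens, since marketplaces may pay royalties in a token rather than ether.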
Last 2💸 tips for now:

1) Use a shared @gnosisSafe for your team (ideally with N/M signatures requirement). It'd really suck to lose your hard earnings in case someone is compromised.

2) Use @0xSplits to painlessly split the profits.
