forked from ethereum/remix-ide
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
e9d5258
commit 5a40fde
Showing
1 changed file
with
9 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,13 +1,19 @@ | ||
| Using Remix Safely | ||
| ================== | ||
|
|
||
| - DO NOT send transaction on contracts you don't understand (even if it's a get rich quick scheme that you copy pasted from a Discord DM or a youtube video). | ||
| - It is dangerous to send transactions on contracts you don't understand (even if it's a get rich quick scheme that you've copied & pasted from a Discord DM or a youtube video and you really really want to get rich). | ||
|
|
||
| - Check our [article](https://medium.com/remix-ide/remix-in-youtube-crypto-scams-71c338da32d?source=friends_link&sk=bb6efbbf88bc3e496611943d282ad797) on a current scam promoting "liquidity front runner bots". | ||
|
|
||
| - Always check that you are loading Remix over HTTPS unless you have a specific reason for accessing it with HTTP (e.g. for using Remix locally or for a connection you trust). | ||
|
|
||
| - For production applications, DO NOT use GitHub/NPM imports because you don't know what version of files you are getting and the builds are not reproducible. | ||
| - Make sure all your imports include the **version number** otherwise you don't know what version of files you are getting and the builds are not reproducible. | ||
|
|
||
| So **do not** use an import like this:<br> | ||
| `import "@openzeppelin/contracts/token/ERC20/ERC20.sol";` | ||
|
|
||
| Rather, **use one** like this:<br> | ||
| `import "@openzeppelin/[email protected]/token/ERC20/ERC20.sol";` | ||
|
|
||
| - When connecting a contract to an existing deployment, ensure that the thing you are connecting to is correct AND is the correct version. | ||
|
|
||
|
|
@@ -23,7 +29,7 @@ If you are directed to some site that looks like Remix but has a **similar but d | |
| ### Remix's ease makes its users a target | ||
| Because Remix has no setup, it has a large community of noobies to smart contract development. This is great, but it provides a target audience for scammers exploit. Without Remix, the scammers would first need to instruct victims to set up a local dev environment, which would severely limit the success rate of the scam. | ||
|
|
||
| Scams lose their effectiveness when potential victims are educated about scams and about how to read and understand code. Learn Solidity and learn it well! | ||
| **Scams lose their effectiveness when potential victims are educated about scams and about how to read and understand code. Learn Solidity and learn it well!** | ||
|
|
||
| For Solidity Tutorials in Remix, go to the LearnEth plugin. | ||
|
|
||