My project moved from its own eth node to Infura.
So I removed “web3.eth.personal.unlockAccount” method from source code.
I use signTransaction by refer to the tutorials(Use web3.js - Infura Docs)
but I wonder that I still can use “contract.methods.transfer(receiverAddress, wei)”
and what kind of security vulnerabilities do I keep in mind using Infura instead of my own node?
Here is the main source code of erc20 transfer
-. add pk
-. estimates gas price and gas limit
-. transfer ETH to senderAccount for gas
-. transfer erc token to main_addr for gathering tokens to main wallet.
exports.depositERCToken = async (privateKey) => {
const senderAccount = web3.eth.accounts.wallet.add(privateKey)
const mainAddr = web3.eth.accounts.wallet.add(main_addr_pk);
const weiValue = await this.getERCBalance(senderAccount.address)
if (weiValue.isZero()) {
log('No funds in %o', senderAccount.address)
return false
}
// get the estimation of gas
const gasLimit = parseInt(await contracts.ercToken.methods.transfer(mainAddr.address, weiValue.toString()).estimateGas({
from: senderAccount.address
}))
const gasPrice = parseInt(await web3.eth.getGasPrice() )
const gas = gasLimit * gasPrice
// Creating the transaction object
const tx = {
from: mainAddr.address,
to: senderAccount.address,
value: gas,
gas: 21000,
gasPrice: gasPrice
};
const signedTx = await web3.eth.accounts.signTransaction(tx, mainAddr.privateKey)
web3.eth.sendSignedTransaction(signedTx.rawTransaction)
.then(receipt => {
if (receipt.status) {
log('Fill Gas for deposit Tx: ', receipt)
return contracts.ercToken.methods.transfer(mainAddr.address, weiValue.toString())
.send({
from: senderAccount.address,
to: contracts.ercToken.options.address,
value: 0,
gas: gasLimit,
gasPrice: gasPrice
})
}
log('Error: Send Ether Transaction was reverted')
})
.then(receipt => {
log('Deposit Tx: ', receipt.transactionHash)
})
.catch(error => {
log(error)
})
.finally(() => {
web3.eth.accounts.wallet.remove(senderAccount.index)
web3.eth.accounts.wallet.remove(mainAddr.index)
})
return true
}
Thanks in advance.