I am very very new to this field and am trying to create a burnable token.
Leaving my code below:
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import "@openzeppelin/contracts/token/ERC721/extensions/ERC721URIStorage.sol";
import "@openzeppelin/contracts/utils/Counters.sol";
contract COToken is ERC721URIStorage {
using Counters for Counters.Counter;
Counters.Counter private _tokenIds;
constructor() ERC721("COIN", "CO") {}
function createNFT(address owner, string memory tokenURI)
public
returns (uint256)
{
_tokenIds.increment();
uint256 newItemId = _tokenIds.current();
_mint(owner, newItemId);
_setTokenURI(newItemId, tokenURI);
return newItemId;
}
function burn(uint256 tokenid)
public
returns (uint256)
{
require(msg.sender == ownerOf(tokenid));
_burn(tokenid);
return tokenid;
}
}
As you can see - I have created a createNFT function which enables to both mint and attach a tokenURI to a new token. More importantly, however, my question concerns the āburnā function. I note that the in-built _burn function is āinternalā and doesnāt appear on the remix buttons, and thus call it through this function so that it does - I want this burn function to require someone to be the owner of a given token in order to burn it. I am pretty clueless as to if someone who is not the token owner could backdoor into the original ā_burnā function once the contract is deployed and essentially burn the token without being the owner.
Tl;dr - _burn is an internal function. I call it within the contract through my function āburnā - is there a way for someone to call the _burn function by a means other than through my āburnā function and thus burn a token without being the owner.
I am terribly sorry if none of the above makes sense. Still getting to grips with this new area and Iām a slow learner.
So what does āinternalā actually mean? Itās available to the contract address and derived contracts. Meaning that for a contract to call it directly, they would need to be at the contract address āderivingā that contract. If the call was from a different contract address, it would be an external call.
So to answer your question, not one outside the contract can call that _burn function. They need to use the burn function as you are thinking.
So just to confirm (and more as a general knowledge kind of question) - if I inherit another contract and within that inherited contract there is a āprivateā function - I canāt call that function from the new contract. However, if internal, I can call the function from the new contact, and once deployed the only way to interact with that internal function from the inherited contract is through my newly created function in the new contract.
I guess the implication of this is - if I donāt call an internal function from an inherited contract, and then deploy the contract , there is no way for someone else on the blockchain to interact with that internal function at all.