Mahima Thacker

Posted on Jan 26

tx.origin vs msg.sender: Which to Use?

#solidity #ethereum #smartcontract #security

When writing Solidity smart contracts, you often come across tx.origin and msg.sender so what’s the difference Between tx.origin and msg.sender?

msg.sender: This is the last caller. It tells you who directly called the contract.

tx.origin: This is the first sender. It tells you who started the transaction, always an external wallet (like MetaMask).

Example:

If a wallet sends a transaction to Contract A, and Contract A calls Contract B:

In Contract B:

msg.sender is Contract A (the most recent caller).

tx.origin is the wallet(EOA) (the original transaction starter).

Using tx.origin for things like security checks can be dangerous. It can make your contract vulnerable to attacks. For better security, rely on msg.sender.

A small detail, but it can make a big difference in your contract's security.

The Essential Toolkit for Front-end Developers

Take a user-centric approach to front-end monitoring that evolves alongside increasingly complex frameworks and single-page applications.

Get The Kit

Top comments (0)

How-to deploy GuardDuty from dedicated account on multi-accounts and multi-regions organization

Ménahem Houri - Jan 2

Hashicorp Vault Agent Tutorial: Generating .env from Vault Secrets

Hamid Haghdoost - Jan 2

Open Redirects in Laravel: A Critical Guide to Secure Your Application

Pentest Testing Corp - Jan 2

Common Cybersecurity Misconceptions and How to Avoid Them

Aditya Raj - Jan 2

DEV Community