Improve/Fix Allowance to avoid Double-Spending¶
Without reducing the allowance on withdrawal, someone can continuously withdraw the same amount over and over again. We have to reduce the allowance for everyone other than the owner.
function reduceAllowance(address _who, uint _amount) internal ownerOrAllowed(_amount) {
allowance[_who] -= _amount;
}
function withdrawMoney(address payable _to, uint _amount) public ownerOrAllowed(_amount) {
require(_amount <= address(this).balance, "Contract doesn't own enough money");
if(!isOwner()) {
reduceAllowance(msg.sender, _amount);
}
_to.transfer(_amount);
}