I have a security problem in my Solidity contracts and I can't figure out how to fix it.
The flow goes like this:
- First, we create an instance of contract A;
- Create an instance of contract B, which receives the contract A instance in the constructor (its address);
- At some point, contract B calls a function 'foo' from contract A which tells contract A to send money to an address (the address is received as a parameter);
- Contract A sees the msg.sender as the address of contract B;
My problem is:
- I want to restrict the access for the function 'foo' in contract B only to be called by contract A (no calls made by humans manually);
- I cannot make a modifier to check the address. Since I create Contract A before Contract B, I cannot know the address of Contract B in Contract A;
- I cannot make the function internal as the contracts are not derived;
Can you please offer me advice on how to fix this problem or explain another approach on this? I am new to Solidity. Thank you!