Topic: Setting traps for hackers in a block chain (Read 185 times)

I love Ethereum smart contracts.
Now, etherscan.io site has lots of advantages and just one disadvantage: they trust authors. You want to publish the source code - go ahead. Not every one is aware that Solidity has no decompiler though... So nothing prevents you from making small changes to the code.
As the result, people began building traps to catch hackers. Here is one I found - it is such a candy:

pragma solidity ^0.4.18;

contract MultiplicatorX2
{
        address public Owner = msg.sender;

        function() public payable{}

        function withdraw()  payable public
        {
                require(msg.sender == Owner);
                Owner.transfer(this.balance);
        }

        function multiplicate(address adr) public payable
        {
            if(msg.value>=this.balance)
            {
                adr.transfer(this.balance+msg.value);
            }
        }
}

A contract is very simple. It has one ether on it. Now, if you want to get it, you should send equal amount - and get it all: "if(msg.value>=this.balance)".
Well... as I said, a trap. A code published isn't identical to bitcode in a blockchain.

Here is an address: https://etherscan.io/address/0xe26e90598190a98c92c75204c9a4ecfe5983f8e0#code

If you follow the link, you can see that:
the first payment (1 ether) was made by a creator
a second payment was made by an unknown hacker
then a creator took the money and disappeared in a thin air

Disappeared? Did I say - disappeared?
Nope, he created a new contract: https://etherscan.io/address/0x5aA88d2901C68fdA244f1D0584400368d2C8e739

I love Ethereum smart contracts and popcorn: they go well together.