Solidity

Receive Function

A receive function is a Solidity function that runs when a contract receives plain Ether with empty calldata.

receive() is the special Ether entry point for simple transfers with no function data.

Receive Function Explained in Detail

receive() runs when a contract receives plain Ether with empty calldata. It must be marked external payable and cannot take arguments or return values.

If calldata is not empty, Solidity uses the fallback function instead when one exists.

Smart contract example

receive() external payable {
    deposits[msg.sender] += msg.value;
}

The function records simple Ether transfers, but only for transfers that call receive().

Receive Function in Auditing

Ether can arrive through receive(), fallback, normal payable functions, validator coinbase payments, or selfdestruct. Auditors need to know which paths update accounting and which paths only change raw balance.

Red flags in code

  • receive() accepts Ether but does not update accounting.

  • Contract assumes all Ether arrived through deposit().

  • receive() contains complex logic or external calls.

  • Fallback and receive behave differently without clear reason.

  • Raw address(this).balance is used as the accounting source.

How to test or review it

  • Send Ether with empty calldata, non-empty calldata, and through a normal payable function.

  • Force-send Ether with selfdestruct and check invariants.

  • Verify events, accounting, and access checks match the intended deposit model.

  • Keep receive() simple unless the design requires otherwise.

  • Review gas assumptions for transfers from contracts and smart wallets.

Sources