ERC20 transferFrom() private key with web3js and metamask

I used the standard IERC20 to create an ERC20 smart contract.

I made a gambling game in which, if the current user loses, he/she will have to transfer one token to the dealer (also the deployer aka msg.sender of the smart contract).

With the scenario above, I think that transferFrom("CURRENT_USER_PRIVATEKEY", "DEPLOYER_PUBLICKEY", 1) should be the answer.

However, with web3js and metamask, I'm not sure how to get the "CURRENT_USER_PRIVATEKEY", since Metamask won't allow web3js to get the private key. In other StackOverflow posts, I found that we can hardcode this private key, but it's not ideal for a system with several users. What should I do to execute this transferFrom() function?

Here is my smart contract and code for the transaction:

async playerLoseMoney(){
    // Transfer money from player to the dealer
    const AMOUNT = 1;
    try{
      const contract = await this.getContract(erc20_abi_json);
      // The contract method is transferFrom (lowercase t), matching the Solidity below.
      // .call() only simulates the call; it does not send a transaction or change state.
      const computerChoice = await contract.methods.transferFrom(
        "0x8a2a3a1dacF2B4b57734eB3DB71c33d3EBe263B6",
        "0xc00432E08770B9be73fB2303203B407d7B2E2cf2",
        AMOUNT
      ).call();
      alert("You lose 1 coin!")
    }catch(err){
      alert(err.stack);
      window.location.reload();
    }
  }

contract ERC20Token is IERC20 {
    ....
    function transferFrom(address owner, address buyer, uint256 numTokens) public returns(bool){
        require(numTokens <= balances[owner]);
        require(numTokens <= allowed[owner][msg.sender]);

        balances[owner] = balances[owner].sub(numTokens);
        allowed[owner][msg.sender] = allowed[owner][msg.sender].sub(numTokens);
        balances[buyer] = balances[buyer].add(numTokens);
        emit Transfer(owner, buyer, numTokens);
        return true;
    }
}


Solution 1:[1]

A private key gives you control of that account. So instead of using the private key, ERC20 implements allowance and approve. I explained them here: what approve and allowance methods are really doing in ERC20 Standard?

Basically, your account address is allowing the contract address to withdraw a specified token amount.

So instead of passing the private key, you should be passing the public address.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Yilmaz
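
The approve/allowance flow described in Solution 1, as an added example that is not part of the original question or answer: an in-memory JavaScript model of the `balances`/`allowed` checks in the question's `transferFrom`, where `sender` stands in for `msg.sender` (the address whose wallet signed the call). The `Erc20Model` class, the `approve` body (elided on the page, modeled on standard ERC20) and the placeholder addresses are assumptions.

```javascript
// Constructed model of the question's ERC20Token storage; not the contract itself.
class Erc20Model {
  constructor(initialBalances) {
    this.balances = new Map(Object.entries(initialBalances)); // address -> BigInt
    this.allowed = new Map();                                 // "owner>spender" -> BigInt
  }
  balanceOf(addr) { return this.balances.get(addr) ?? 0n; }
  allowance(owner, spender) { return this.allowed.get(`${owner}>${spender}`) ?? 0n; }

  // Signed by the token owner (the player, via MetaMask). The key never leaves the wallet.
  approve(sender, spender, numTokens) {
    this.allowed.set(`${sender}>${spender}`, numTokens);
    return true;
  }

  // Signed by the spender (the dealer). Mirrors the two require() lines on the page.
  transferFrom(sender, owner, buyer, numTokens) {
    if (numTokens > this.balanceOf(owner)) throw new Error("revert: balance");
    if (numTokens > this.allowance(owner, sender)) throw new Error("revert: allowance");
    this.balances.set(owner, this.balanceOf(owner) - numTokens);
    this.allowed.set(`${owner}>${sender}`, this.allowance(owner, sender) - numTokens);
    this.balances.set(buyer, this.balanceOf(buyer) + numTokens);
    return true;
  }
}

// Run a call and report "ok" or the revert reason instead of throwing.
function tryCall(fn) {
  try { fn(); return "ok"; } catch (e) { return e.message; }
}

function playRound() {
  const PLAYER = "0xPLAYER", DEALER = "0xDEALER"; // placeholder addresses
  const token = new Erc20Model({ [PLAYER]: 5n, [DEALER]: 0n });
  const log = [];
  // 1. Dealer tries to collect before the player has approved anything: reverts.
  log.push(tryCall(() => token.transferFrom(DEALER, PLAYER, DEALER, 1n)));
  // 2. Player approves exactly the stake, so the dealer can never pull more than 1.
  token.approve(PLAYER, DEALER, 1n);
  // 3. Dealer collects the lost token using only public addresses.
  log.push(tryCall(() => token.transferFrom(DEALER, PLAYER, DEALER, 1n)));
  // 4. A second pull reverts because the allowance was spent in step 3.
  log.push(tryCall(() => token.transferFrom(DEALER, PLAYER, DEALER, 1n)));
  return { log, player: token.balanceOf(PLAYER), dealer: token.balanceOf(DEALER),
           remaining: token.allowance(PLAYER, DEALER) };
}
```

On a real chain, step 2 is a transaction sent from the player's MetaMask account and step 3 is a transaction sent from the dealer's account; both are state-changing sends, not read-only calls.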