The foreign apps can be set to any value by the user which issues the transaction. This creates a security problem because when I want to use a state of another contract in my contract then there’s a risk that the user will mimick my contract and replace the state with whatever values he wishes to have. Is there any way to mitigate such risk?
Welcome to Algorand!
For that reason, an app can only read foreign app’s storage but not write.
This way, there is no such risk.
I wasn’t specific enough with the question. I’m talking about a situation where my contracts read some other important value from other contract and the problem is that the identifier of the contract can be replaced.
That’s a very good point.
TEAL v3 is fixing this issue by adding the array “Applications” of Foreign Apps to txna:
It’s available on BetaNet right now