In certain circunstances, contracts can be forced to receive ether without triggering any code. This should be considered by the contract developers in order to avoid breaking important invariants in their code.
An attacker can use a specially crafted contract to forceful send ether using suicide / selfdestruct:
contract Sender {
function receive_and_suicide(address target) payable {
suicide(target);
}
}- The MyAdvancedToken contract in coin.sol is vulnerable to this attack. It will stop the owner to perform the migration of the contract.
There is no way to block the reception of ether. The only mitigation is to avoid assuming how the balance of the contract increases and implement checks to handle this type of edge cases.