Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding -  Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
@chainlink/token
Advanced tools
@chainlink/token
The LINK token is an [EIP20](https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20-token-standard.md) token with additional [ERC677](https://github.com/ethereum/EIPs/issues/677) functionality.
LINK Token Contracts 
The LINK token is an EIP20 token with additional ERC677 functionality.
The total supply of the token is 1,000,000,000, and each token is divisible up to 18 decimal places.
To prevent accidental burns, the token does not allow transfers to the contract itself and to 0x0.
Security audit for v0.4 version of the contracts is available here.
Details
- Deployments:
- Ethereum Mainnet LinkToken v0.4: 0x514910771AF9Ca656af840dff83E8264EcF986CA
- Decimals: 18
- Name: ChainLink Token
- Symbol: LINK
Installation
The project contains v0.4 contracts that were used for LINK Ethereum Mainnet deployment in 2017. For deployments moving forward, we use the updated v0.6 contracts which use a more recent version of solc and the OpenZeppelin token standards. These updates include a minor ABI change around approval/allowance naming.
yarn install
Testing
Before running tests, open a new terminal and start Ganache on port 8454:
ganache-cli -l 8000000
Compile the contracts:
yarn compile
Run tests:
yarn test
This will instruct the tests to run against your locally deployed instance of Ganache.
Or you can test specific version separately:
yarn test:v0.4
Migration
To migrate v0.4 contracts run:
yarn migrate:v0.4
To migrate v0.6 contracts run:
yarn migrate:v0.6
This will migrate the LinkToken contract to your locally deployed instance of Ganache blockchain.
FAQs
The LINK token is an [EIP20](https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20-token-standard.md) token with additional [ERC677](https://github.com/ethereum/EIPs/issues/677) functionality.
The npm package @chainlink/token receives a total of 231 weekly downloads. As such, @chainlink/token popularity was classified as not popular.
We found that @chainlink/token demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 24 Mar 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding -  Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding -  Dec 11, 2025