Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
@ercref/contracts
Advanced tools
@ercref/contracts
An open source repository for smart contract reference implementations of ERCs.
ERCRef Contracts
A repository for Ethereum builders to build ERC reference implementations.
Getting Started
Here is how you can start using this repo.
Use npm package
npm i -D @ercref/contracts
Useful Templates
- @fulldecent's https://github.com/fulldecent/solidity-template
- @mattstam's https://github.com/mattstam/solidity-template
Import dependencies
Import the contracts like you would from OpenZeppelin's contract. e.g.
import "@ercref/contracts/drafts/IERC5732.sol";
import "@ercref/contracts/drafts/BlocknumGapCommit.sol";
Here is a full example:
pragma solidity ^0.8.17;
import "@ercref/contracts/drafts/IERC5732.sol";
import "@ercref/contracts/drafts/BlocknumGapCommit.sol";
import "@openzeppelin/contracts/utils/introspection/ERC165.sol";
import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
contract CommitableERC721 is ERC721, BlocknumGapCommit {
constructor(uint256 _version) ERC721("CommitToMintImpl", "CTMI") {
}
function safeMint(
address _to,
uint256 _tokenId,
bytes calldata _extraData
) onlyCommited(
abi.encodePacked(_to, _tokenId),
bytes32(_extraData[0:32]),
6 // number of blocks required to reveal
)
external {
_safeMint(_to, _tokenId); // ignoring _extraData in this simple reference implementation.
}
function supportsInterface(bytes4 interfaceId)
public
view
virtual
override(ERC721, BlocknumGapCommit)
returns (bool)
{
return super.supportsInterface(interfaceId);
}
}
Contributors of ERCRef
Publish npm
yarn publish --access public
Disclaimer and Warnings
WARNING: This repository is meant to be cutting (bleeding) edge and pioneer. Please make sure to conduct security audit before using in production.
Keywords
FAQs
An open source repository for smart contract reference implementations of ERCs.
The npm package @ercref/contracts receives a total of 5 weekly downloads. As such, @ercref/contracts popularity was classified as not popular.
We found that @ercref/contracts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 11 Jan 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025