Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@gnosis.pm/safe-contracts

Package Overview
Dependencies
Maintainers
13
Versions
9
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@gnosis.pm/safe-contracts

Ethereum multisig contract

  • 1.1.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
5K
decreased by-50.18%
Maintainers
13
Weekly downloads
 
Created
Source

Gnosis Safe Contracts

npm version Build Status

Install

Install requirements with npm:

npm install

Run all tests (requires Node version >=7 for async/await):

npx truffle compile
npx truffle test

Deploy

Some contracts require that the Solidity compile target is at least petersburg (e.g. ProxyFactory and MultiSend). This is default since Solidity 0.5.5.

Note: The formal verification was performed using the contract compiled with solcjs 0.5.0.

Preparation:

  • Set INFURA_TOKEN in .env
  • Set NETWORK in .env
  • Run npx truffle compile

OpenZeppelin SDK:

  • Make sure that @openzeppelin/cli is version 2.5 (npx oz --version)
  • Make sure that all dependencies use solcjs >0.5.0
  • Set correct version in package.json
  • Set MNEMONIC in .env to current oz package owner (last deployer normally)
  • Optional: if a new deployer account is used
    • Check that a gloabl versionb of truffle 5 is installed (truffle version)
    • Run truffle exec scripts/change_oz_owner.js --network=<network> --newOwner="<address>" to enable new deployer
    • Set MNEMONIC in .env to new oz package owner
  • Run npm run deploy-oz
  • Once deployed on all networks run npx oz --freeze <network> for each network

Truffle:

  • Set MNEMONIC in .env
npx truffle deploy

Verify Contracts:

  • requires installed solc (>0.5.0)
virtualenv env -p python3
. env/bin/activate
pip install solidity-flattener
mkdir build/flattened_contracts
solidity_flattener contracts/GnosisSafe.sol --output build/flattened_contracts/GnosisSafe.sol
solidity_flattener contracts/libraries/CreateAndAddModules.sol --output build/flattened_contracts/CreateAndAddModules.sol --solc-paths="/=/"
solidity_flattener contracts/libraries/CreateCall.sol --output build/flattened_contracts/CreateCall.sol --solc-paths="/=/"
solidity_flattener contracts/libraries/MultiSend.sol --output build/flattened_contracts/MultiSend.sol --solc-paths="/=/"
solidity_flattener contracts/handler/DefaultCallbackHandler.sol --output build/flattened_contracts/DefaultCallbackHandler.sol --solc-paths="/=/"
solidity_flattener contracts/modules/DailyLimitModule.sol --output build/flattened_contracts/DailyLimitModule.sol --solc-paths="/=/"
solidity_flattener contracts/modules/SocialRecoveryModule.sol --output build/flattened_contracts/SocialRecoveryModule.sol --solc-paths="/=/"
solidity_flattener contracts/modules/StateChannelModule.sol --output build/flattened_contracts/StateChannelModule.sol --solc-paths="/=/"
solidity_flattener contracts/modules/WhitelistModule.sol --output build/flattened_contracts/WhitelistModule.sol --solc-paths="/=/"
solidity_flattener contracts/proxies/ProxyFactory.sol --output build/flattened_contracts/ProxyFactory.sol
find build/flattened_contracts -name '*.sol' -exec sed -i '' 's/pragma solidity ^0.4.13;/pragma solidity >=0.5.0 <0.7.0;/g' {} \;

Using with OpenZeppelin SDK

You can create a gnosis safe upgradeable instance using OpenZeppelin SDK by linking to the provided EVM package. This will use the master copy already deployed to mainnet, kovan, or rinkeby, reducing gas deployment costs.

To create an instance using OpenZeppelin SDK:

$ npm install -g @openzeppelin/sdk
$ oz init YourProject
$ oz link @gnosis.pm/safe-contracts
$ oz push --network rinkeby
> Connecting to dependency @gnosis.pm/safe-contracts 1.0.0
$ oz create @gnosis.pm//GnosisSafe --init setup --args "[$ADDRESS1,$ADDRESS2,$ADDRESS3],2,0x0000000000000000000000000000000000000000,\"\"" --network rinkeby --from $SENDER
> Instance created at SAFE_ADDRESS

It is suggested to use a non-default address as $SENDER.

Note: When using the contracts via ZeppelinOS make sure to choose an appropriate Proxy admin. An upgradable proxy enables the user to update the master copy (aka implementation). The default upgradable proxy is managed by an admin address. This admin address is independent from the owners of the Safe. Therefore it would be possible for the admin to change the master copy without the approval of any owner, thus allowing him to gain full access to the Safe.

Documentation

Audits/ Formal Verification

Security and Liability

All contracts are WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

License

All smart contracts are released under LGPL v.3.

Contributors

Keywords

FAQs

Package last updated on 13 Dec 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc