openzeppelin-solidity

OpenZeppelin is a library for secure smart contract development. It provides implementations of standards like ERC20 and ERC721 which you can deploy as-is or extend to suit your needs, as well as Solidity components to build custom contracts and more complex decentralized systems.

Install

npm install openzeppelin-solidity

Usage

To write your custom contracts, import ours and extend them through inheritance.

pragma solidity ^0.5.0;

import 'openzeppelin-solidity/contracts/token/ERC721/ERC721Full.sol';
import 'openzeppelin-solidity/contracts/token/ERC721/ERC721Mintable.sol';

contract MyNFT is ERC721Full, ERC721Mintable {
  constructor() ERC721Full("MyNFT", "MNFT") public {
  }
}

You need an ethereum development framework for the above import statements to work! Check out these guides for Truffle or Embark.

On our site you will find a few guides to learn about the different parts of OpenZeppelin, as well as documentation for the API. Keep in mind that the API docs are work in progress, and don’t hesitate to ask questions in our Slack.

Security

OpenZeppelin the project is maintained by Zeppelin the company, and developed following our high standards for code quality and security. OpenZeppelin is meant to provide tested and community-audited code, but please use common sense when doing anything that deals with real money! We take no responsibility for your implementation decisions and any security problems you might experience.

The core development principles and strategies that OpenZeppelin is based on include: security in depth, simple and modular code, clarity-driven naming conventions, comprehensive unit testing, pre-and-post-condition sanity checks, code consistency, and regular audits.

The latest audit was done on October 2018 on version 2.0.0.

Please report any security issues you find to security@openzeppelin.org.

Contribute

OpenZeppelin exists thanks to its contributors. There are many ways you can participate and help build high quality software. Check out the contribution guide!

License

OpenZeppelin is released under the MIT License.

Changelog

2.2.0 (2019-03-14)

New features

• ERC20Snapshot: create snapshots on demand of the token balances and total supply, to later retrieve and e.g. calculate dividends at a past time. (#1617)
• SafeERC20: ERC20 contracts with no return value (i.e. that revert on failure) are now supported. (#1655)
• ERC20: added internal _approve(address owner, address spender, uint256 value), allowing derived contracts to set the allowance of arbitrary accounts. (#1609)
• ERC20Metadata: added internal _setTokenURI(string memory tokenURI). (#1618)
• TimedCrowdsale: added internal _extendTime(uint256 newClosingTime) as well as TimedCrowdsaleExtended(uint256 prevClosingTime, uint256 newClosingTime) event allowing to extend the crowdsale, as long as it hasn't already closed.

Improvements

• Upgraded the minimum compiler version to v0.5.2: this removes many Solidity warnings that were false positives. (#1606)
• ECDSA: recover no longer accepts malleable signatures (those using upper-range values for s, or 0/1 for v). (#1622)
• ERC721's transfers are now more gas efficient due to removal of unnecessary SafeMath calls. (#1610)
• Fixed variable shadowing issues. (#1606)

Bugfixes

• (minor) SafeERC20: safeApprove wasn't properly checking for a zero allowance when attempting to set a non-zero allowance. (#1647)

Breaking changes in drafts

• TokenMetadata has been renamed to ERC20Metadata. (#1618)
• The library Counter has been renamed to Counters and its API has been improved. See an example in ERC721, lines 17 and 204. (#1610)