• Stars
    star
    24,663
  • Rank 880 (Top 0.02 %)
  • Language
    JavaScript
  • License
    MIT License
  • Created over 8 years ago
  • Updated 4 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

OpenZeppelin Contracts is a library for secure smart contract development.

Warning
Version 5.0 is under active development. The code in this branch is not recommended for use.

OpenZeppelin

NPM Package Coverage Status GitPOAPs Docs Forum

A library for secure smart contract development. Build on a solid foundation of community-vetted code.

πŸ§™ Not sure how to get started? Check out Contracts Wizard β€” an interactive smart contract generator.

πŸ—οΈ Want to scale your decentralized application? Check out OpenZeppelin Defender β€” a secure platform for automating and monitoring your operations.

Overview

Installation

Hardhat, Truffle (npm)

$ npm install @openzeppelin/contracts

OpenZeppelin Contracts features a stable API, which means that your contracts won't break unexpectedly when upgrading to a newer minor version.

Foundry (git)

Warning When installing via git, it is a common error to use the master branch. This is a development branch that should be avoided in favor of tagged releases. The release process involves security measures that the master branch does not guarantee.

Warning Foundry installs the latest version initially, but subsequent forge update commands will use the master branch.

$ forge install OpenZeppelin/openzeppelin-contracts

Add @openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/ in remappings.txt.

Usage

Once installed, you can use the contracts in the library by importing them:

pragma solidity ^0.8.20;

import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";

contract MyCollectible is ERC721 {
    constructor() ERC721("MyCollectible", "MCO") {
    }
}

If you're new to smart contract development, head to Developing Smart Contracts to learn about creating a new project and compiling your contracts.

To keep your system secure, you should always use the installed code as-is, and neither copy-paste it from online sources nor modify it yourself. The library is designed so that only the contracts and functions you use are deployed, so you don't need to worry about it needlessly increasing gas costs.

Learn More

The guides in the documentation site will teach about different concepts, and how to use the related contracts that OpenZeppelin Contracts provides:

  • Access Control: decide who can perform each of the actions on your system.
  • Tokens: create tradeable assets or collectives, and distribute them via Crowdsales.
  • Utilities: generic useful tools including non-overflowing math, signature verification, and trustless paying systems.

The full API is also thoroughly documented, and serves as a great reference when developing your smart contract application. You can also ask for help or follow Contracts's development in the community forum.

Finally, you may want to take a look at the guides on our blog, which cover several common use cases and good practices. The following articles provide great background reading, though please note that some of the referenced tools have changed, as the tooling in the ecosystem continues to rapidly evolve.

Security

This project is maintained by OpenZeppelin with the goal of providing a secure and reliable library of smart contract components for the ecosystem. We address security through risk management in various areas such as engineering and open source best practices, scoping and API design, multi-layered review processes, and incident response preparedness.

The OpenZeppelin Contracts Security Center contains more details about the secure development process.

The security policy is detailed in SECURITY.md as well, and specifies how you can report security vulnerabilities, which versions will receive security patches, and how to stay informed about them. We run a bug bounty program on Immunefi to reward the responsible disclosure of vulnerabilities.

The engineering guidelines we follow to promote project quality can be found in GUIDELINES.md.

Past audits can be found in audits/.

Smart contracts are a nascent technology and carry a high level of technical risk and uncertainty. Although OpenZeppelin is well known for its security audits, using OpenZeppelin Contracts is not a substitute for a security audit.

OpenZeppelin Contracts is made available under the MIT License, which disclaims all warranties in relation to the project and which limits the liability of those that contribute and maintain the project, including OpenZeppelin. As set out further in the Terms, you acknowledge that you are solely responsible for any use of OpenZeppelin Contracts and you assume all risks associated with any such use.

Contribute

OpenZeppelin Contracts exists thanks to its contributors. There are many ways you can participate and help build high quality software. Check out the contribution guide!

License

OpenZeppelin Contracts is released under the MIT License.

Legal

Your use of this Project is governed by the terms found at www.openzeppelin.com/tos (the "Terms").

More Repositories

1

ethernaut

Web3/Solidity based wargame
JavaScript
1,960
star
2

openzeppelin-contracts-upgradeable

Upgradeable variant of OpenZeppelin Contracts, meant for use in upgradeable contracts.
JavaScript
978
star
3

cairo-contracts

OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
Rust
821
star
4

awesome-openzeppelin

Blockchain educational resources curated by the OpenZeppelin team
755
star
5

damn-vulnerable-defi

Solidity
654
star
6

openzeppelin-upgrades

Plugins for Hardhat and Foundry to deploy and manage upgradeable contracts on Ethereum.
TypeScript
607
star
7

solidity-docgen

Documentation generator for Solidity projects
TypeScript
441
star
8

merkle-tree

A JavaScript library to generate merkle trees and merkle proofs.
TypeScript
435
star
9

openzeppelin-sdk

OpenZeppelin SDK repository for CLI and upgrades.js. No longer actively developed.
JavaScript
434
star
10

workshops

Code and slides for OpenZeppelin Workshops
JavaScript
428
star
11

openzeppelin-test-helpers

Assertion library for Ethereum smart contract testing
JavaScript
416
star
12

openzeppelin-labs

A space for the community to interact and exchange ideas on the OpenZeppelin platform. Do not use in production!
JavaScript
374
star
13

nile

CLI tool to develop StarkNet projects written in Cairo
Python
321
star
14

contracts-wizard

Interactive smart contract generator based on OpenZeppelin Contracts.
TypeScript
241
star
15

exploit-uniswap

Exploiting a Uniswap exchange that uses an ERC777 token by leveraging the reentrant microtrading attack vector
JavaScript
171
star
16

openzeppelin-foundry-upgrades

Foundry library for deploying and managing upgradeable contracts
Solidity
157
star
17

openzeppelin-subgraphs

Subgraph schema and templates to index the activity of OpenZeppelin Contracts.
TypeScript
142
star
18

solidity-jwt

Experiments with Solidity JWT. Do not use in production.
Solidity
131
star
19

starter-kit

An OpenZeppelin starter kit containing React, OpenZeppelin SDK & OpenZeppelin Contracts.
JavaScript
121
star
20

token-vesting-ui

UI for TokenVesting contract from OpenZeppelin. No longer maintained
JavaScript
97
star
21

solidity-ast

TypeScript types and a JSON Schema for the Solidity AST
JavaScript
90
star
22

openzeppelin-test-environment

[Not actively maintained] One-line setup for blazing-fast smart contracts tests
Solidity
90
star
23

ctf-2024

⚑️ Ethernaut CTF 2024 Challenges & Solutions
Solidity
85
star
24

rust-contracts-stylus

A library for secure smart contract development written in Rust
Rust
80
star
25

contract-bots-gang

TypeScript
69
star
26

sample-crowdsale-starter

Empty sample starter truffle project for using zeppelin-solidity for a crowdsale
JavaScript
67
star
27

polkadot-runtime-templates

Runtime Templates for Polkadot Parachains
Rust
65
star
28

nile-rs

CLI tool to develop Starknet projects written in Cairo
Rust
56
star
29

defender-client

Monorepo for all defender-client npm packages
TypeScript
55
star
30

defender-autotask-examples

Example snippets for Defender Autotasks
JavaScript
49
star
31

crafty

A collectibles crafting game. Built using the OpenZeppelin SDK.
JavaScript
48
star
32

docs.openzeppelin.com

Source for the OpenZeppelin documentation site
SCSS
45
star
33

openzeppelin-network.js

An easy to use and reliable library that provides one line access to Web3 API.
TypeScript
44
star
34

starter-kit-gsn

An OpenZeppelin starter kit focused on GSN.
JavaScript
40
star
35

openzeppelin-gsn-provider

Web3 provider for the Gas Station Network
JavaScript
39
star
36

starter-kit-tutorial

An OpenZeppelin starter kit tutorial containing React, OpenZeppelin SDK & OpenZeppelin Contracts.
JavaScript
38
star
37

defender-docs

Security Management to Protect the Open Economy
31
star
38

openzeppelin.org

Source code for OpenZeppelin website
23
star
39

defender-templates

Templates for using OpenZeppelin Defender using Serverless configurations
JavaScript
23
star
40

compound-monitoring

JavaScript
22
star
41

openzeppelin-transpiler

TypeScript
22
star
42

gnosis-multisig

Allows multiple parties to agree on transactions before execution. Forked from Gnosis multisig repository.
CSS
22
star
43

openzeppelin-gsn-helpers

Test and development helper methods and scripts for GSN
JavaScript
21
star
44

upgrades-safe-app

TypeScript
20
star
45

configs

Code style guidelines and rules for OpenZeppelin projects
JavaScript
20
star
46

gsn-sample-chat_app

OpenZeppelin starter-kit based GSN tutorial for a Chat App
JavaScript
20
star
47

defender-serverless

Configure a Defender environment via code
TypeScript
20
star
48

openzeppelin-contracts-docs

OpenZeppelin documentation site configuration
JavaScript
19
star
49

defender-sdk

Defender SDK
TypeScript
18
star
50

defender-example-metatx-relay

Example meta-tx relay built using Defender
JavaScript
16
star
51

accesscontrol-explorer

Work in progress explorer for AccessControl roles
Svelte
15
star
52

erc20-onboarding

ERC20 token on-boarding on the OpenZeppelin SDK platform
JavaScript
15
star
53

sample-crosschain-env

Test environments for crosschain operations
Shell
15
star
54

openzeppelin-whitepaper

LaTeX sources for the OpenZeppelin Platform Whitepaper
Makefile
14
star
55

openzeppelin-contract-loader

Load contract ABIs from built artifacts and return contract objects
JavaScript
14
star
56

ethernaut-leaderboard

JavaScript
13
star
57

koba

Deploy Stylus contracts with Solidity constructors
Rust
12
star
58

openzeppelin-team-nft

NFT for OpenZeppelin Team
JavaScript
12
star
59

gsn-site

The Ethereum Gas Station Network Alliance Landing Page and Tools
JavaScript
12
star
60

solidity-loader

Solidity Hot Loader for Starter Kits. Not currently maintained
JavaScript
11
star
61

proxy-explorer

πŸ‘· Under construction!
TypeScript
11
star
62

openzeppelin-nile-upgrades

Plugin for Nile to deploy and manage upgradeable contracts on StarkNet.
Python
10
star
63

access-manager-explorer

TypeScript
10
star
64

proposal143

Solidity
10
star
65

compound-re-enable-dsr-proposal

Foundry simulation for Compound Proposal for re-enabling MakerDAO DSR
Solidity
10
star
66

defender-as-code

TypeScript
9
star
67

highlightjs-cairo

JavaScript
8
star
68

gsn-relayer

GSN relayer server, forked from openeth-dev/gsn
Go
8
star
69

web3-gsn-faucet-provider

JavaScript
8
star
70

token-vouching

Vouching contracts and scripts for the OpenZeppelin SDK token
JavaScript
7
star
71

compound-governance-proposal-behavior

Set of tests to reflect the proposal lifecycle behavior
Solidity
7
star
72

zeppelin.solutions

Institutional website
6
star
73

research-cryptography

OpenZeppelin Research group working repository
Jupyter Notebook
6
star
74

openzeppelin-token-registry

OpenZeppelin Ethereum Packages registry
JavaScript
5
star
75

compound-assets-listing

Template repo to define assets listing on Compound
4
star
76

compound-security-policies

Security roles and responsibilities for Compound
4
star
77

fuzzy-import-parser

TypeScript
4
star
78

gsn-tools

Set of tools to manage the GSN
JavaScript
4
star
79

docs-utils

Scripts used for docs previews in pull requests across OpenZeppelin projects
JavaScript
4
star
80

secure-development-cookbook

The essential blueprint for crafting secure protocols
JavaScript
4
star
81

discourse-highlightjs-langs

HTML
3
star
82

sgp

Solidity ANTLR4 grammar Python parser
Python
3
star
83

openzeppelin-upgrades-migration-example

3
star
84

governor-quorum-bot

Forta detection bot to alert about changes in quorum quantity in a Governor contract
TypeScript
3
star
85

ctf-infra

🧱 Infrastructure for Ethernaut CTF 2024
Python
3
star
86

polkadot-evm-runtime-template

EVM runtime template for Polkadot parachains
Rust
3
star
87

defender-serverless-workshop

JavaScript
2
star
88

futureswap-artifacts

Compiled bytecode related to our FutureSwap audits for public viewing
2
star
89

cto.openzeppelin.com

Description of the CTO job opening at OpenZeppelin
HTML
2
star
90

tech-coaching

A place to keep study materials associated with the tech coaching
HTML
2
star
91

slack.openzeppelin.org

https://openzeppelin-slack.netlify.com/ Source for https://slack.openzeppelin.org/
1
star
92

netlify-redirects

Redirection rules for various old websites
1
star
93

defender-subgraphs

Access Control subgraph toolkit for Defender
TypeScript
1
star