echidna
openzeppelin-contracts
Our great sponsors
echidna | openzeppelin-contracts | |
---|---|---|
33 | 233 | |
2,556 | 24,079 | |
2.2% | 1.6% | |
8.5 | 9.5 | |
about 21 hours ago | 7 days ago | |
Solidity | JavaScript | |
GNU Affero General Public License v3.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
echidna
- Echidna 2.2.0 released with improvements in fuzzing performance and UX
-
Fuzzing Around: Better Smart Contract Testing through the Power of Random Inputs
Fuzzing has been around for a while in traditional full-stack development, but a new class of tools is here that can apply fuzzing to smart contract testing in web3. Some of the fuzzing tools include the open source Echidna and MythX.
-
Smart Contract Audits with ConsenSys Diligence Fuzzing - Fuzzing as a Service
Fuzzing has been around for a while. Defensics and Burp Suite are some examples in the traditional development world. There are also several web3/blockchain fuzzing tools available, such as Echidna and Foundry. However, Diligence Fuzzing is fuzzing as a service and makes everything a little simpler to implement. Which in the end means better audits and more secure contracts. So let’s look into it in more detail.
- Echidna 2.1.1 released with fixes and reduced memory footprint!
openzeppelin-contracts
-
Blockchain transactions decoding: making wallet activity understandable
Lets look the events of Open Zeppelin’s ERC20 token contract:
- Construir e implementar un VAULT (bóveda) ERC20 en Shardeum
-
Are ERC-777 Unsafe?
ERC-777 is difficult to implement properly, due to its susceptibility to different forms of attack(opens in a new tab). It is recommended to use ERC-20 instead. This page remains as a historical archive.
- OpenZeppelin is trying to avoid paying a bounty for a vulnerability that caused $1,1B worth of assets freeze
- Security improvements of the ERC20 token standard
- Ethereums most used token standard ERC20 requires security enhancements
- The most used Ethereums token standard (ERC20) requires a security patch.
-
Best Solidity Vertion
This depends if you're writing a contract from scratch or using existing code. If you're making something new, then yes (recommend not to use THE most recent available, always better to go with tried and tested). For existing projects, never try to override the solidity version. This may be a pain with "@" imports - ideally everyone should specify the library version (e.g. https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v2.5.1/contracts/token/ERC20/ERC20.sol).
What are some alternatives?
manticore - Symbolic execution tool
solmate - Modern, opinionated, and gas optimized building blocks for smart contract development.
openzeppelin-solidity - OpenZeppelin Contracts is a library for secure smart contract development. [Moved to: https://github.com/OpenZeppelin/openzeppelin-contracts]
hardhat - Hardhat is a development environment to compile, deploy, test, and debug your Ethereum software.
slither - Static Analyzer for Solidity and Vyper
ERC721A - https://ERC721A.org
remix-ide - Documentation for Remix IDE
Safemoon.sol - safemoon contract
mythril - Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
solidity - Solidity, the Smart Contract Programming Language
ganache - :warning: The Truffle Suite is being sunset. For information on ongoing support, migration options and FAQs, visit the Consensys blog. Thank you for all the support over the years.
truffle - :warning: The Truffle Suite is being sunset. For information on ongoing support, migration options and FAQs, visit the Consensys blog. Thank you for all the support over the years.