reentrancy-attacks
openzeppelin-contracts
reentrancy-attacks | openzeppelin-contracts | |
---|---|---|
1 | 234 | |
1,219 | 24,174 | |
- | 1.1% | |
7.5 | 9.5 | |
27 days ago | 1 day ago | |
JavaScript | ||
GNU Affero General Public License v3.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
reentrancy-attacks
-
A look into formal verification of smart contracts using Certora
The main challenge is dealing with non-view functions. The default behavior of the prover is to assume that an external call can alter all state on every contract but the caller, noted as HAVOC_ECF. This can lead to state changes in external contracts that are unreachable, making verification more difficult. Furthermore, it assumes that the call is non-reentrant, which in reality is a frequent source of attacks. This last issue can be avoided by indicating that calls can re-enter, noted as HAVOC_ALL, but this means that an external call can mutate any state in any contract, caller included. This leaves the contract being verified in a state where we don't know anything about it after an external call is made. This severely limits what we can prove.
openzeppelin-contracts
-
Mode - Comprehensive Starter Guide
// SPDX-License-Identifier: GPL-3.0 pragma solidity ^0.8.20; import "https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v5.0.0/contracts/token/ERC20/ERC20.sol"; interface Sfs { function register(address _recipient) external returns (uint256 tokenId); } contract ModeToken is ERC20 { address feeReceiver = msg.sender; constructor() ERC20("ModeTokenSFSTest", "SFST2") { //Example amount to mint our ERC20 _mint(msg.sender, 1000 10 * 18); // This is the SFS contract address on testnet Sfs sfsContract = Sfs(0xBBd707815a7F7eb6897C7686274AFabd7B579Ff6); //Registers this contract and assigns the NFT //to the deployer of this contract sfsContract.register(msg.sender); } }
-
Blockchain transactions decoding: making wallet activity understandable
Lets look the events of Open Zeppelin’s ERC20 token contract:
- Construir e implementar un VAULT (bóveda) ERC20 en Shardeum
-
Are ERC-777 Unsafe?
ERC-777 is difficult to implement properly, due to its susceptibility to different forms of attack(opens in a new tab). It is recommended to use ERC-20 instead. This page remains as a historical archive.
- OpenZeppelin is trying to avoid paying a bounty for a vulnerability that caused $1,1B worth of assets freeze
- Security improvements of the ERC20 token standard
- Ethereums most used token standard ERC20 requires security enhancements
- The most used Ethereums token standard (ERC20) requires a security patch.
What are some alternatives?
LiquidityPoolExample - Example Certora verification for a simple multi-contract system
solmate - Modern, opinionated, and gas optimized building blocks for smart contract development.
the-dao-hack-simulation - A simulation of the infamous DAO hack from 2016
hardhat - Hardhat is a development environment to compile, deploy, test, and debug your Ethereum software.
ERC721A - https://ERC721A.org
Safemoon.sol - safemoon contract
solidity - Solidity, the Smart Contract Programming Language
truffle - :warning: The Truffle Suite is being sunset. For information on ongoing support, migration options and FAQs, visit the Consensys blog. Thank you for all the support over the years.
poap-contracts - The Proof of Attendance Protocol Ethereum contracts
matic-gas-prices - Displays current gas prices on the Polygon (MATIC) network.
openzeppelin-solidity - OpenZeppelin Contracts is a library for secure smart contract development. [Moved to: https://github.com/OpenZeppelin/openzeppelin-contracts]
metamask-extension - :globe_with_meridians: :electric_plug: The MetaMask browser extension enables browsing Ethereum blockchain enabled websites