smart-contract-best-practices
A guide to smart contract security best practices (by Consensys)
openzeppelin-contracts-upgradeable
Upgradeable variant of OpenZeppelin Contracts, meant for use in upgradeable contracts. (by OpenZeppelin)
Our great sponsors
| smart-contract-best-practices | openzeppelin-contracts-upgradeable | |
|---|---|---|
| 15 | 10 | |
| 7,309 | 938 | |
| 0.7% | 1.9% | |
| 4.7 | 9.4 | |
| 2 months ago | 16 days ago | |
| HTML | JavaScript | |
| - | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
smart-contract-best-practices
Posts with mentions or reviews of smart-contract-best-practices.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-20.
- Solidity security reviews?
-
Want to learn blockchain development but confused
Then i delved into best practises (https://consensys.github.io/smart-contract-best-practices/) and patterns (https://fravoll.github.io/solidity-patterns/) to improve.
-
Required reading for new ETH developer
Search for solidity exploits on Google, useful one: https://consensys.github.io/smart-contract-best-practices/ there are a lot of possible exploits so deploying one by yourself without audits is a no-go imo
-
Blockchain Dev
Consensys' Smart Contract Best Practices is a good start for security related stuff (super important because you'll be dealing with people's money in smart contracts) https://consensys.github.io/smart-contract-best-practices/
-
An Auditor's Insights To Smart Contract Security Audit
The first question which any auditing interview concerns is mostly regarding what is your preferred audit process? Answers could be subjective, but I like to follow the industry standard as in this ‘Solcurity Standard’ article by Rari-Capital along with the Consensys’ best practices set of guidelines which pave a path for a thorough audit process.
- Websites to practice white hat/ how to get into contract security?
-
Setup for Success: Creating Web3 Projects with the Truffle for VS Code Extension
Security should always be a major priority when developing smart contracts. Millions of dollars are lost to hackers on what seems like a regular basis. As a Web3 developer, you need to continuously stay up to date on the latest security best practices.
-
My journey from Web Dev to Web 3.0 Dev - Part 1
Solidity basics and best practices
- Contract example with best practices?
-
RESOURCES I USED TO LEARN BLOCKCHAIN/SMART CONTRACT PROGRAMMING
Smart Contracts Best Practices
openzeppelin-contracts-upgradeable
Posts with mentions or reviews of openzeppelin-contracts-upgradeable.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-04-08.
-
Solidity digest / mar 2023
v4.8.2 of OpenZeppelin contracts and contracts-upgradeable bug fix for ERC721Consecutive that could cause a balance overflow when _mintConsecutive was used for batches of size 1 breaking changes to ERC721: the internal function _beforeTokenTransfer will no longer update balances when batchSize is greater than 1
- Issue logging out certain state variables in Hardhat
-
Can a function that implements __Ownable_init by not with the initializable modifier be run more than once?
Yeah. That restriction is coming from a utility. There are options to modify the owner through transfer ownership on the `OwnableUpgradable` contract. You can also use the `reinitializer' modifier to create your own re-init logic.
- Contract inheritance is a reason Open Zeppelin plans to adopt Diamond Storage
-
Nuances of Using Upgradeable Smart Contracts
Most smart contracts developers have used Openzeppelin/contracts. Those developers dabbling in Upgradeable smart contracts use its sister project Openzeppelin/contracts-upgradeable. The two are the same albeit the constructor in the contract is replaced by the initializer.
-
Contract example with best practices?
Here’s a few references: - https://openzeppelin.com/contracts/ - https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable (highly recommended)
- Token
-
It costs $436 to deploy a smartcontract on Ethereum
https://github.com/OpenZeppelin/openzeppelin-contracts-upgra...
For KYC you'll need to implement your own ERC20 compatible token with some checks in the transfer functions. The CMTA is the Swiss contract reference and proposes one:
- https://np.reddit.com/r/solidity/comments/prlgj8/how_do_we_create_an_upgradeable_smart_contract/hdjnhnd/
- How do we create an upgradeable smart contract with a hardhat?
What are some alternatives?
When comparing smart-contract-best-practices and openzeppelin-contracts-upgradeable you can also consider the following projects:
js-xss - Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
openzeppelin-contracts - OpenZeppelin Contracts is a library for secure smart contract development.
mythril - Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
cardano-node - The core component that is used to participate in a Cardano decentralised blockchain.
web3j - Lightweight Java and Android library for integration with Ethereum clients
fe - Emerging smart contract language for the Ethereum blockchain.
l2beat - L2BEAT is an analytics and research website about Ethereum layer two (L2) scaling solutions.
DeFi-Developer-Road-Map - DeFi Developer roadmap is a curated Developer handbook which includes a list of the best tools for DApps development, resources and references!
openzeppelin-contracts-upgra
RideX - A Decentralized Riding System
CMTA20 - Smart contract to tokenize a Swiss corporation's shares on Ethereum
smart-contract-best-practices vs js-xss
openzeppelin-contracts-upgradeable vs openzeppelin-contracts
smart-contract-best-practices vs mythril
openzeppelin-contracts-upgradeable vs cardano-node
smart-contract-best-practices vs web3j
openzeppelin-contracts-upgradeable vs fe
smart-contract-best-practices vs openzeppelin-contracts
openzeppelin-contracts-upgradeable vs l2beat
smart-contract-best-practices vs DeFi-Developer-Road-Map
openzeppelin-contracts-upgradeable vs openzeppelin-contracts-upgra
smart-contract-best-practices vs RideX
openzeppelin-contracts-upgradeable vs CMTA20