* add ERC721 and ERC1155 receiver support in Governor, Timelock and MinimalForwarder (#3174)
* revert the nft receiver hooks from MinimalForwarder and linting updates
* add ERC165 support & simplify test
* add changelog entry
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
* allow re-initialization of contracts
* fix lint
* use a private function to avoid code duplication
* use oz-retyped-from syntax
* add documentation
* rephrase
* documentation
* Update contracts/proxy/utils/Initializable.sol
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* reinitialize test
* lint
* typos and style
* add note about relation between initializer and reinitializer
* lint
* set _initializing in the modifier
* remove unnecessary variable set
* rename _preventInitialize -> _disableInitializers
* rename preventInitialize -> disableInitializers
* test nested reinitializers in reverse order
* docs typos and style
* edit docs for consistency between initializer and reinitializer
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* replace `immutable` with `constant` for _PERMIT_TYPEHASH
This commit is related to the following issue discussion: https://github.com/OpenZeppelin/contracts-wizard/issues/89#issuecomment-1042391318
Since Solidity version `0.6.12` the `keccak256` of string literals is treated specially and the hash is evaluated at compile time. Since the OpenZeppelin Wizard also uses `constant` for OpenZeppelin's AccessControl's roles declarations, it's good practice to make this consistent.
* Update CHANGELOG
* fix: ensure transpiler compatibility
* fix: fixing var-name-mixedcase
* prettier & lint check
Signed-off-by: Pascal Marco Caversaccio <pascal.caversaccio@hotmail.ch>
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
* add a protection mechanism to prevent relaying transaction that are not
part of an execute operation
* more accurate relay authorization
* force reset the relay authorizations after executions
* refactor of the onlyGovernor modifier
* only whitelist when executor is not governor itself
* fix lint
* add private function for call permission management
* use deque
* fix lint
* remove unecessary dependency
* remove unecessary dependency
* comment rephrasing
* Update contracts/governance/Governor.sol
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* cache keccak256(_msgData())
* use Context
* lint
* conditionnal clear
* add test to cover queue.clear()
* lint
* write more extended docs for onlyGovernance
* add changelog entry
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* add vector, lifo and fifo structures
* fix lint
* need more memory for coverage
* remove Vector wrappers and gas optimization
* refactor Vector testing
* revert package.json changes
* rename to DoubleEndedQueue
* rename and refactor
* refactor tests and expand coverage
* test for custom errors
* add changelog entry
* add docs
* add sample code and note about storage vs. memory
* add available since
* lint
* use underscore for struct members
* add struct documentation
* remove SafeCast in length
* rename i -> index and improve docs
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Renames `sender` to `source`.
The naming variable was incorrect. The source of the funds is *not* necessarily (and in most cases isn't) the sender of the transaction. Also, this code has a `msgSender` which further adds confusion.
* Changes to `from/to` instead of `source`.
* Function documentation matches new names
* Changed other instances of sender/recipient to from/to.
Also changed `msgSender` to `owner` in the approval related methods.
* apply changes to IERC20.sol + minor renaming in ERC20.sol
Co-authored-by: Daniel Von Fange <daniel@leancoder.com>
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
* add contract and tests
* avoid implicit cast
* add test cases
* fix test names
* modify avarage and add tests
* improve signed average formula
* fix lint
* better average formula
* refactor signed average testing
* add doc and changelog entry
* Update contracts/utils/math/SignedMath.sol
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* remove ceilDiv
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Reduce ERC20 allowance before triggering transfer
* adapt ERC777 to reduce allowance before transfer
* fix test for ERC777
* use smaller number to reduce balance
* simplify test description
* don't use deprecated expectEvents.inLogs
* fix test
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
* Add Base64 library to utils
* Fix typo on Base64 padding
* Added documentation for Base64 and references from ERC1155 and ERC721
* Updated Changelog
* Fix typo in utilities doc
* use mstore8 to improve memory accesses
* use shorter strings with encodePacked
* do not use using-for syntax, for clarity
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Add a function which returns the absolute (and obviously unsigned) value of a signed value.
* add changelog entry and fix lint
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
* updated docs for governor votes, 0 is against not for
* Revert unecessary changelog entry
Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
* Add a MerkleProof.processProof utility function
* Add changelog entry
* fix lint
* return index when processingProof
* fix lint
* fix test
* Apply suggestions from code review
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* improve documentation
* Apply suggestions from code review
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* remove index - see discussion in the PR
* update changelog
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Add MultiPaymentSplitter
with ERC20 support on top of the existing PaymentSplitter
* consistency and linting
* Add MultiPaymentSplitter tests
* fix lint
* add changelog entry
* add MultiPaymentSplitter to documentation
* rework PaymentSplitter to include ERC20 support by default
* remove test file for MultiPaymentSplitter
* fix lint
* completelly split erc20 and token tracking
* address some PR comments
* add notice about rebasing tokens
* fix minor error in tests
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Change GovernorTimelockCompound to support ETH in Timelock
* refactor compound timelock module
* Allow governor to receive ETH is executor == address(this)
* Removing the storage associated with decimals
* changelog entry
* changelog link to new issue number
* Update contracts/token/ERC20/ERC20.sol
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Update contracts/token/ERC20/ERC20.sol
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Update CHANGELOG.md
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Clean code
- using type().interfaceId to improve readeability of ERC165 registration
- hardcoding some keccak256 that are otherwise computed at construction.
* hardcode keccak256 result
* Improve code readeability using try/catch
* Remove hardcoded hash
tests show that solc 0.8.0 does the optimization as expected
* Use try/catch to improve readability
* ERC165Checker: Do not revert when returndata is empty + new test
* Address PR comments
* improve testing of ERC721Receiver errors
* put back comment about invalid interface id
* coverage does not support 0.8.1. Reverting back to 0.8.0
* bubble all data with length > 0 if onERC721Receive fails.
* Fix test: revert without message trigger is bubble with the default message
* using enum object to improve readability
* Fix unnamed return variable warning
This commit fixes warnings thrown by the solc 0.7.4 compiler:
"Warning: Unnamed return variable can remain unassigned. Add an explicit
return with value to all non-reverting code paths or name the variable."
* Fix function state mutability warning
This commit fixes warnings thrown by the solc 0.7.4 compiler:
"Warning: Function state mutability can be restricted to pure"
* Fix shadows an existing declaration warning
This commit fixes warnings thrown by the solc 0.7.4 compiler:
"Warning: This declaration shadows an existing declaration."
1. Arguments by default are not underscored.
2. If the name isn't available due to shadowing, use prefix underscore.
3. If prefix underscore isn't available due to shadowing, use suffix underscore.
* docs: add notes explaining presets
* fix links for mint function
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* feature: setting sublevel test scenario for AddressSet
* feat: adding tests for EnumerableSet.UintSet
* feat: adding Behavior and AddressSet and UintSet tests
* Initial ERC1155 implementation with some tests (#1803)
* Initial ERC1155 implementation with some tests
* Remove mocked isERC1155TokenReceiver
* Revert reason edit nit
* Remove parameters associated with isERC1155TokenReceiver call
* Add tests for approvals and single transfers
* Add tests for transferring to contracts
* Add tests for batch transfers
* Make expectEvent.inTransaction tests async
* Renamed "owner" to "account" and "holder"
* Document unspecified balanceOfBatch reversion on zero behavior
* Ensure accounts can't set their own operator status
* Specify descriptive messages for underflow errors
* Bring SafeMath.add calls in line with OZ style
* Explicitly prevent _burn on the zero account
* Implement batch minting/burning
* Refactored operator approval check into isApprovedForAll calls
* Renamed ERC1155TokenReceiver to ERC1155Receiver
* Added ERC1155Holder
* Fix lint issues
* Migrate tests to @openzeppelin/test-environment
* port ERC1155 to Solidity 0.6
* make ERC1155 constructor more similar to ERC721 one
* also migrate mock contracts to Solidity 0.6
* mark all non-view functions as virtual
* add simple catch-all implementation for the metadata URI interface
* include an internal function to set the URI so users can implement functionality to switch URIs
* add tests for ERC1155 metadata URI
* fix nits, mostly pointed out by linter
* convert ERC1155 metadata URI work to Solidity 0.6
* mark all non-view functions as virtual
* Port ERC 1155 branch to Solidity 0.6 (and current master) (#2130)
* port ERC1155 to Solidity 0.6
* make ERC1155 constructor more similar to ERC721 one
* also migrate mock contracts to Solidity 0.6
* mark all non-view functions as virtual
* Update contracts/token/ERC1155/IERC1155MetadataURI.sol
Starting on Solidity v0.6.2, interfaces can now inherit. \o/
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
* Fix compile errors
* Remove URI event
* Merge MetadataCatchAll into ERC1155
* Improve documentation.
* Simplify tests
* Move tests into ERC1155 tests
* Update documentation
* Bump minimum compiler version for inteface inheritance
* Fix holder tests
* Improve setUri docs
* Fix docs generation
Co-authored-by: Alan Lu <alanlu1023@gmail.com>
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* update test-helpers to 0.5.6-rc.0
* remove comment that no longer applies
* fix uses of expectEvent.notEmitted
* remove mocha only
* update to final version
* Update test/token/ERC777/ERC777.test.js
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
tweak intro dev comment to reflect more typical use case, wrapping an `IERC20` reference for a deposit contract using others' ERC-20 tokens. I might be mistaken ~ but typically SafeERC20 won't be used in conjunction with ERC20 for OZ token deployments?
* Initial ERC1155 implementation with some tests (#1803)
* Initial ERC1155 implementation with some tests
* Remove mocked isERC1155TokenReceiver
* Revert reason edit nit
* Remove parameters associated with isERC1155TokenReceiver call
* Add tests for approvals and single transfers
* Add tests for transferring to contracts
* Add tests for batch transfers
* Make expectEvent.inTransaction tests async
* Renamed "owner" to "account" and "holder"
* Document unspecified balanceOfBatch reversion on zero behavior
* Ensure accounts can't set their own operator status
* Specify descriptive messages for underflow errors
* Bring SafeMath.add calls in line with OZ style
* Explicitly prevent _burn on the zero account
* Implement batch minting/burning
* Refactored operator approval check into isApprovedForAll calls
* Renamed ERC1155TokenReceiver to ERC1155Receiver
* Added ERC1155Holder
* Fix lint issues
* Migrate tests to @openzeppelin/test-environment
* Port ERC 1155 branch to Solidity 0.6 (and current master) (#2130)
* port ERC1155 to Solidity 0.6
* make ERC1155 constructor more similar to ERC721 one
* also migrate mock contracts to Solidity 0.6
* mark all non-view functions as virtual
Co-authored-by: Alan Lu <alanlu1023@gmail.com>
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
Co-authored-by: Robert Kaiser <kairo@kairo.at>
* Improve ERC20/721 Pausable docs
* Add ERC20Pausable mint and burn tests
* Add ERC721Pausable mint and burn tests
* Add _beforeTransfer hook in ERC777 to mint and burn
* provide 'automatic' token URI by appending the token ID to the base URI, if a base is set but no token-specific URI is available
* make the three cases more explicit, avoid else after return
* adjust comments to reflect reality
* Update access-control.adoc to make compile
Add call to `ERC20("MyToken", "TKN")` in `MyToken` constructor
* Update access-control.adoc to make compile
Add call to `ERC20("MyToken", "TKN")` in `MyToken` constructor
* Update access-control.adoc MyToken formatting
* Update erc20-supply.adoc to make compile
Add call to `ERC20("MyToken", "TKN")` in `ERC20FixedSupply` constructor
* Update erc20-supply.adoc to make compile
Add constructor to `ERC20WithMinerReward`
* Update erc20-supply.adoc to make compile
In `MinerRewardMinter` use `ERC20MinterPauser`
* Update erc20-supply.adoc to make compile
Add constructor and override to `ERC20WithAutoMinerReward`
* Update erc777.adoc to make compile
* Update gsn-strategies.adoc to make compile
* Update gsn-strategies.adoc to make compile
Fix imports, add overrides, and revert reason to `MyContract`
* Update docs for ERC20 and ERC721
* Add EnumerableMap to docs
* Update misc guides
* Apply suggestions from code review
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Implement AddressSet in terms of a generic Set
* Add Uint256Set
* Add EnumerableMap
* Fix wording on EnumerableSet docs and tests
* Refactor ERC721 using EnumerableSet and EnumerableMap
* Fix tests
* Fix linter error
* Gas optimization for EnumerableMap
* Gas optimization for EnumerableSet
* Remove often not-taken if from Enumerable data structures
* Fix failing test
* Gas optimization for EnumerableMap
* Fix linter errors
* Add comment for clarification
* Improve test naming
* Rename EnumerableMap.add to set
* Add overload for EnumerableMap.get with custom error message
* Improve Enumerable docs
* Rename Uint256Set to UintSet
* Add changelog entry
* Remove _grantRole and _revokeRole, replace with _setupRole
* Make all external AccessControl functions public
* Remove Ownable._transferOwnership
* Rename ERC721's _safeTransferFrom and _transferFrom to _safeTransfer and _transfer
* Make all ERC721 external functions public
* Make all miscelaneous external functions public instead
* Add changelog entry
* Move calldata arguments to memory
* Update contracts/access/AccessControl.sol
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Restrict setupRole to the constructor
* Replace isConstructor for !isContract
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
* Add revert if the bytecode length is not greater than zero
* Add value parameter to create2 deploy function
Add tests for contract balance revert and depositing funds
* Change parameter name to amount for clarity
* Fix test for value sending
* Fix linter error
* Change revert reason
* Improve Create2.deploy documentation
* Slight test improvement
* Add changelog entry
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
* Add revert reason to EnumerableSet.get.
* Rename EnumerableSet values to keys
* Rename get to at
* Add changelog entry
* Rename keys to values
* Add leading underscore to struct members
* Add signed to unsigned conversion to SafeCast
* Update SafeCast exception message
* Add test for SafeCast int to uint conversion
- Update SafeCastMock
- Add tests for SafeCast int256 to uint256
* Update SafeCast int to uint definition
Apply suggestions from code review.
Co-Authored-By: Nicolás Venturo <nicolas.venturo@gmail.com>
* Update test for SafeCast int to uint conversion
* Update SafeCast test after code review
- Change "downcasts" to "casts"
- Move test closer to its function
* Fix error in SafeCast toUint256 description
* Fix breaking error in SafeCast
* Add uint256 to int256 conversion to SafeCast
- Add function
- Add mock
- Add test
* Update SafeCast unsigned to signed conversion
- Update error in conversion to be more clear
- Update constants in test to be powers of 2 instead of shifts
* Add changelog entry
* Update SafeCast tests
- Add minus in INT256_MIN for clarity
Co-Authored-By: Nicolás Venturo <nicolas.venturo@gmail.com>
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
* Remove Roles
* Add AccessControl and tests
* Removed IAccessControl
* Add RoleGranted and RoleRevoked events
* Make roles grantable and revokable regardless of their previous status
* Fix typo
* Add documentation
* Cleanup tests
* Add enumeration tests
* Add _setRoleAdmin tests
* Fix lint error
* Fix AccessControl link in docs
* WIP on access control guide
* Rename getRoleMembersCount
* Add tests for new role admin
* Make AccessControl GSN compatible
* Update access control guide
* Rename admin to adminRole
* Rename roleIds to roles
* Add 'operator' to RoleGranted and RoleRevoked events.
* Only emit events if the roles were not previously granted/revoked
* Uncomment expectEvent.not tests
* Rename operator to sender
* Add changelog entry
In https://github.com/OpenZeppelin/openzeppelin-contracts-ethereum-package/pull/76, we are rearranging the erc721metadata contract storage layout, so the new variable is added at the end. This commit applies the same change to the vanilla contracts repository, so migration from 2.5 to 3.0 is easier for users using the transpiler.
* adding mock contacts, test code
* adding changes to ERC721.sol per @frangio's comments on original PR #1943
* fix solhint warnings
* Update contracts/token/ERC721/ERC721.sol
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* same revert wording per @frangio's review suggestion
* per @frangio's feedback, changing the inline assembly to accomplish: we want to ignore the first 4 bytes of content, so we should read the length and decrease it by 4, then take the memory location and add 4 to it, then store the new length at the new memory location, then that is the new byte array that we want.
* change revert msg assembly per PR comment by @frangio
* unify revert msg in test code
* fix some failed tests, wording change
* Update contracts/token/ERC721/ERC721.sol
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Update contracts/token/ERC721/ERC721.sol
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* fix test case, revert without reason
* fix 'ERC721ReceiverRevertsMock: Transaction rejected by receiver'
* style change per review by @frangio
* fix revert reason forwarding
* remove duplicate contracts/mocks/ERC721ReceiverRevertsMock.sol per review https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2018\#issuecomment-574381034
* Add changelog entry
* Fix tests
* Make tests more clear
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
* Reorder navbar
* Adapt content to new docsite structure, add links
* Fix list
* fix list
* Apply suggestions from code review
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Update index.adoc
Co-authored-by: Francisco Giordano <frangio.1@gmail.com>
Code sample for MyCrowdsaleDeployer causes TypeError:
```
browser/MyCrowdsaleDeployer.sol:21:13: TypeError: Invalid type for argument in function call.
Invalid implicit conversion from address to contract IERC20 requested.
address(token) // the token
^------------^
```
Change:
```solidity
address(token) // the token
```
To:
```solidity
token // the token
```
Reported by community member in the forum: https://forum.openzeppelin.com/t/invalid-implicit-conversion-from-address-to-contract-ierc20-requested/1937
* Changes ERC777 external functions to public for allowing overrides #1994
* Changes ERC777 external functions to public for allowing overrides (#1994)
* Update ReentrancyGuard for Istanbul Hard Fork
Changes:
Added L37, `_guardCounter = 1;`
Rationale:
The planned _Istanbul Hard Fork_ will implement [EIP 2200](e4d4ea348e/EIPS/eip-2200.md), which implements "net gas metering" for `sstore` operations. If the final value of `_guardCounter` is unchanged relative to the original value of it, a gas refund will be applied and charges for changing the value of `_guardCounter` will effectively not exist. This ends up being cheaper than the current implementation ONLY AFTER Istanbul. Before Istanbul, the added line actually ends up costing more gas.
Note that if `_guardCounter` is `0` initially, the initial cost and subsequent refund will both be larger than if `_guardCounter` is `1` initially. Although in both cases, the net gas cost (`gasCost - gasRefund`) are equal, it's better in terms of cost to have both the gas cost and refund smaller, as there is some limit to the percentage of a gas refund that can actually be realized.
* Update CHANGELOG.md
Added note for change to ReentrancyGuard.sol
* Update ReentrancyGuard.sol
* Update CHANGELOG.md
* Merge GSNBouncerBase into GSNRecipient
* Remove emtpy implementations for _pre and _post
* Rename bouncers to recipients
* Rename bouncers documentation to strategies
* Rewrite guides and docstrings to use the strategy naming scheme
* Address review comments
* Apply suggestions from code review
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* change wording of docs
(cherry picked from commit aae95db4e0)
* switch index to show arg names
* add index separators
* add classes to style variable type and name
* add class for inherited part of index
* use inheritedItems in contracts template
* refactor template to use explicit if and each
(cherry picked from commit 5d6a040fc3)
* GSNSignatureBoucer does not accept zero address
* Linting code.
* Update contracts/GSN/bouncers/GSNBouncerSignature.sol
Makes sense!
Co-Authored-By: Nicolás Venturo <nicolas.venturo@gmail.com>
* Update test/GSN/GSNBouncerSignature.test.js
ok!
Co-Authored-By: Nicolás Venturo <nicolas.venturo@gmail.com>
* Add zero address constant from OZ test Helpers
* revert prettier formatting
(cherry picked from commit f9a94788fb)
* Fix typo
* Replace pseudo code contracts with sample code
* Update GSN Bouncers text
* More text changes
* Update with latest code and remove reference to allowance
* Capitalize Custom Bouncer
* Update docs/modules/ROOT/pages/gsn-bouncers.adoc
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Update gsn-bouncers.adoc with Antora cross reference
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Revert to handling msg.sender msg.data differently
* Change by default to simplest implementation
* Change signing to include signature for GSNBouncerSignature
* Reword summary of what is in the guide
* Remove "The" from before `GSNBouncer...`
* Fix code snippet markdown
* Change to API references to xref:api
* Remove code from How it works sections
* Explain 1:1 exchange rate
* Change transaction request to relayed call
* Minor fixes
* Add info to Custom Bouncers
* Typo
* Minor fixes
* reorder sentence based on review gsn-bouncers.adoc
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Improve wording of signing of relayed call parameters by trusted signer
(cherry picked from commit 18473d0100)
* Improve IRelayRecipient docs
* Fix link
* Update IRelayHub docs to the docsite format
* Update IRelayRecipient docs to the dociste format
* Fix typo
* Improve GSN readme
* Fix link
* Update GSNRecipient docs
* Apply suggestions from code review
Co-Authored-By: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
* Apply suggestions from code review
Co-Authored-By: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
* Apply suggestions from code review
Co-Authored-By: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
(cherry picked from commit d864228624)
* Merge GSNBouncerBase into GSNRecipient
* Remove emtpy implementations for _pre and _post
* Rename bouncers to recipients
* Rename bouncers documentation to strategies
* Rewrite guides and docstrings to use the strategy naming scheme
* Address review comments
* Apply suggestions from code review
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* change wording of docs
* switch index to show arg names
* add index separators
* add classes to style variable type and name
* add class for inherited part of index
* use inheritedItems in contracts template
* refactor template to use explicit if and each
* GSNSignatureBoucer does not accept zero address
* Linting code.
* Update contracts/GSN/bouncers/GSNBouncerSignature.sol
Makes sense!
Co-Authored-By: Nicolás Venturo <nicolas.venturo@gmail.com>
* Update test/GSN/GSNBouncerSignature.test.js
ok!
Co-Authored-By: Nicolás Venturo <nicolas.venturo@gmail.com>
* Add zero address constant from OZ test Helpers
* revert prettier formatting
* Fix typo
* Replace pseudo code contracts with sample code
* Update GSN Bouncers text
* More text changes
* Update with latest code and remove reference to allowance
* Capitalize Custom Bouncer
* Update docs/modules/ROOT/pages/gsn-bouncers.adoc
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Update gsn-bouncers.adoc with Antora cross reference
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Revert to handling msg.sender msg.data differently
* Change by default to simplest implementation
* Change signing to include signature for GSNBouncerSignature
* Reword summary of what is in the guide
* Remove "The" from before `GSNBouncer...`
* Fix code snippet markdown
* Change to API references to xref:api
* Remove code from How it works sections
* Explain 1:1 exchange rate
* Change transaction request to relayed call
* Minor fixes
* Add info to Custom Bouncers
* Typo
* Minor fixes
* reorder sentence based on review gsn-bouncers.adoc
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Improve wording of signing of relayed call parameters by trusted signer
* refactor(ERC165Checker) replaced assembly code with function
* returned false if result.length==0
* trigger ci
* updated ERC165Checker to return false if result.length < 32
* Improve IRelayRecipient docs
* Fix link
* Update IRelayHub docs to the docsite format
* Update IRelayRecipient docs to the dociste format
* Fix typo
* Improve GSN readme
* Fix link
* Update GSNRecipient docs
* Apply suggestions from code review
Co-Authored-By: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
* Apply suggestions from code review
Co-Authored-By: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
* Apply suggestions from code review
Co-Authored-By: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
* Adding in "<<: *defaults" under "coverage"
* Refactoring by capturing similar setup commands into single alias
* Reverting changes, I am not certain exactly how to refactor these setup steps, but at least the &default refactor can be made.
* move gsn link
* change underscore to dash
* add content to gsn api ref
* change link of GSN announcement
* Update contracts/GSN/bouncers/GSNBouncerERC20Fee.sol
Co-Authored-By: Nicolás Venturo <nicolas.venturo@gmail.com>
* fix crossreference to gsn guide
* Remove intro from gsn guide
We are moving the intro to the top-level in the docsite, and focusing this guide into writing gsn-enabled contracts.
* Update docs/modules/ROOT/pages/gsn.adoc
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Update gsn.adoc
* Update gsn_advanced.adoc
Line 15 - where it says, "prevent malicious users from spending the transactions subsidy", with transactions subsidy, is it supposed to be possessive "transaction's subsidy" or is the plural in the wrong place "transaction subsidies"?
Line 176 - where it says "or it is not allowed to spend that amount". Is IT referring to the sender/person or the tx? If IT refers to a person, then change to "or they are not allowed..." for gender neutral.
Line 213 - Where it says, "Please not how the gas cost estimation", a verb is missing, please what?
* Update gsn_advanced.adoc
Apply suggestions by Amy
* switch to using Context internally
* add context import
* Add smoke test to make sure enabling GSN support works
* Update test/GSN/ERC721GSNRecipientMock.test.js
Co-Authored-By: Francisco Giordano <frangio.1@gmail.com>
* Upgrade truffle
* add missing awaits
* Revert "Upgrade truffle"
This reverts commit f9b0ba9019.
* Add base Context contract
* Add GSNContext and tests
* Add RelayHub deployment to tests
* Add RelayProvider integration, complete GSNContext tests
* Switch dependency to openzeppelin-gsn-provider
* Add default txfee to provider
* Add basic signing recipient
* Sign more values
* Add comment clarifying RelayHub's msg.data
* Make context constructors internal
* Rename SigningRecipient to GSNRecipientSignedData
* Add ERC20Charge recipients
* Harcode RelayHub address into GSNContext
* Fix Solidity linter errors
* Run server from binary, use gsn-helpers to fund it
* Migrate to published @openzeppelin/gsn-helpers
* Silence false-positive compiler warning
* Use GSN helper assertions
* Rename meta-tx to gsn, take out of drafts
* Merge ERC20 charge recipients into a single one
* Rename GSNRecipients to Bouncers
* Add GSNBouncerUtils to decouple the bouncers from GSNRecipient
* Add _upgradeRelayHub
* Store RelayHub address using unstructored storage
* Add IRelayHub
* Add _withdrawDeposits to GSNRecipient
* Add relayHub version to recipient
* Make _acceptRelayedCall and _declineRelayedCall easier to use
* Rename GSNBouncerUtils to GSNBouncerBase, make it IRelayRecipient
* Improve GSNBouncerBase, make pre and post sender-protected and optional
* Fix GSNBouncerERC20Fee, add tests
* Add missing GSNBouncerSignature test
* Override transferFrom in __unstable__ERC20PrimaryAdmin
* Fix gsn dependencies in package.json
* Rhub address slot reduced by 1
* Rename relay hub changed event
* Use released gsn-provider
* Run relayer with short sleep of 1s instead of 100ms
* update package-lock.json
* clear circle cache
* use optimized gsn-provider
* update to latest @openzeppelin/gsn-provider
* replace with gsn dev provider
* remove relay server
* rename arguments in approveFunction
* fix GSNBouncerSignature test
* change gsn txfee
* initialize development provider only once
* update RelayHub interface
* adapt to new IRelayHub.withdraw
* update @openzeppelin/gsn-helpers
* update relayhub singleton address
* fix helper name
* set up gsn provider for coverage too
* lint
* Revert "set up gsn provider for coverage too"
This reverts commit 8a7b5be5f9.
* remove unused code
* add gsn provider to coverage
* move truffle contract options back out
* increase gas limit for coverage
* remove unreachable code
* add more gas for GSNContext test
* fix test suite name
* rename GSNBouncerBase internal API
* remove onlyRelayHub modifier
* add explicit inheritance
* remove redundant event
* update name of bouncers error codes enums
* add basic docs page for gsn contracts
* make gsn directory all caps
* add changelog entry
* lint
* enable test run to fail in coverage
* Add circlci, remove .travis.yml. Fixes#1839.
* Fix circleci config
* Add slack notification
* Add circleci status
* Fix config.yml, we don't need separate truffle image and instances.
* Matches oz-sdk node version
* Seems node:10.13 doesn't work for CircleCI either
* Remove npm update in circleci
* CircleCI use package-lock.json as cache key and install only the lock version
* Add back travis.yml
* Rename job build to test
* CircleCI requires that job to be called build instead of test or build_and_test
* Fix the way to run jobs
* Fix CircleCI
* Change back to npm install
* Add workflow and split into tasks
* Add workspace
* Restore cache
* update readme circleci instructions
* make step name more accurate
* added _safeTransferFrom function
* added safeMint functions
* added package-lock.json for consistency, don't know why it changes
* added initial suggestions/modifications
* change _safeTransferFrom to internal, reverted package-lock.json to original, and changed ERC721Pausable to override _transferFrom instead of transferFrom
* included tests for safeMint functions
* modified safeMint tests to be on ERC721Mock contract
* added safeMint to ERC721Mintable & respective test to ERC721MintBurn.behavior.js
* Rename package and repository name from docs and scripts
* undo root package rename
* add @openzeppelin/contracts as subpackage with release automation
* synchronize @openzeppelin/contracts version
* remove private field from package.json
* make file patterns absolute
* change wording of a comment
* use a saner version script
* Using extcodehash instead of extcodesize for less gas
`extcodehash` uses less gas then `extcodesize`. You can tell which address is a contract by the hash (see EIP-1052).
* Fix
* Add explainer
* Update Address.sol
* add changelog entry
* Simplification and optimization of existing contracts #8888
* Simplification of SimpleToken
* This is the fixed Simplification
* My bad I'm playing around with this git stuff, should be correct now
* add missing parenthesis
* Updated code style to no more than120 characters per line.
* Unify code comments style with Doxygen-style tags.
* Fix the conflicts.
* Add a return value in the contract ERC20Burnable.
* A Add a wrapper function to change type of address to address payable.
* U Modify Address utils.
* A Add test case for Address.
* U Modify code style in ERC20Burnable.
* Add changelog entry.
* Improved dev docs.
* update truffle to include bugfix
* change prepack script to prepare
* add npx in compile script
* fix for older node
* rename script file to prepare
(cherry picked from commit 036dd9bd6e)
* Moved ERC1820 related contracts out of drafts and into introspection.
* Moved ERC777 related contracts out of drafts and into token.
(cherry picked from commit c794c96617)
* update truffle to 5.0.14
* fix setup to test with solc-nightly
* switch to npx in script/test.sh
* please the linter
* rename build to prepack
* move download of nightly build to a compile script
* make compile script executable
* initial docsite setup
* switch from pushd to cd
* install and set up solidity-docgen
* use the docsite branch next for now
* make it clear that env var is a repository
* add a clarifying comment about a relative path
* change relative to absolute path in docsite script
* add docgen script
* add first few READMEs for contract documentation
* update solidity-docgen
* add docsite as dependency and adjust script
* update openzeppelin-docsite
* update solidity-docgen
* remove dummy text
* update docgen and docsite
* update openzeppelin-docsite
* add netlify.toml
* udpate tokens guide for 2.2
* add DOCUMENTATION.md
* Update docs/learn-about-utilities.md
Co-Authored-By: frangio <frangio.1@gmail.com>
* fix PaymentSplitter docs wording
* update solidity-docgen
* add missing ERC20 contracts
* update solidity-docgen
* trigger deploy with cleared cache
* update solidity-docgen
* update openzeppelin-docsite
* remove travis docs setup
* update openzeppelin-docsite
* switch to published solidity-docgen
* replacing all instances of from: anyone with from: other
* replacing all instances of from: anyone with from: other
* replacing all instances of from: anyone with from: other
* changing anyone to other
* changing anyone to other
* Update PaymentSplitter.sol
* add back private function docs
* add non-zero address requirement
* add comprehensive contract-level docs
* use capital E for Ether
* Rename variable from thing to contractUnderTest
* Compute function signatures in ERC165 interfaces
The ERC165 tests currently precompute some known interface ids.
This commit extracts the interfaces into a separate object and
precomputes the individual function signatures.
This will be useful to identify contracts that support an interface
but do not implement all of the corresponding functions.
* Add tests for ERC165 interface implementations
The ERC165 tests confirm that contracts claim to support
particular interfaces ( using the supportsInterface method )
This commit extends those tests to confirm that the corresponding
functions are included in the contract ABI.
It also rewords the existing test names in order to group the
implementation tests with the corresponding interface tests.
* Remove obsolete ERC721Exists interface constant
* Transaction Malleability:
If you allow for both values 0/1 and 27/28, you allow two different
signatures both resulting in a same valid recovery. (r,s,0/1) and
(r,s,27/28) would both be valid, recover the same public key and sign
the same data. Furthermore, given (r,s,0/1), (r,s,27/28) can be
constructed by anyone.
* Transaction Malleability:
EIP-2 still allows signature malleabality for ecrecover(), remove this
possibility and force the signature to be unique.
* Added a reference to appendix F to the yellow paper and improved
comment.
* better test description for testing the version 0, which returns
a zero address
* Check that the conversion from 0/1 to 27/28 only happens if its 0/1
* improved formatting
* Refactor ECDSA code a bit.
* Refactor ECDSA tests a bit.
* Add changelog entry.
* Add high-s check test.
* Add guard to ERC20Migrator migrate function
* Add tests for premature migration in ERC20Migrator
These tests apply to the new guard condition, but they don't
fail without it, since the functions revert anyway.
They are added for completeness and to ensure full code coverage.
* Use context block around premature migration tests
We should use context blocks for situational details
and describe for features or functions.
* Add IntelliJ IDE config to .gitignore
* Fix variable name in ERC20 function comments
* Fix typos in Arrays function comment
* Fix typos in ownership test names
* Fix typo in Pausable test name
* Fix grammar in Ownable function comment
* Fix grammar in Crowdsale contract comment
* Fix typo in Counters contract comment
* Fix typo in ERC721Enumerable comment
* Fix typo in ERC721PausedToken test name
* Fix typo in Crowdsale function comment
* Fix typo in IncreasingPriceCrowdsale function comment
* Fix grammar in IncreasingPriceCrowdsale test name
* Fix typo in AllowanceCrowdsale test name
* Fix typo in RefundEscrow function comment
* Fix typo in ERC20Migrator contract comment
* Fix typos in SignatureBouncer comments
* Fix typo in SignedSafeMath test name
* Fix typo in TokenVesting contract comment
* Move Ownable comment from @notice section to @dev
The Ownable contract has a comment explaining that renouncing
ownership will prevent execution of functions with the onlyOwner
modifier.
This commit moves that comment to the @dev section and replaces it
with a description suitable for a generic user.
* Clarify purpose of ERC20 transfer function
* Clarify registration of ERC721Enumerable interface
* Clarify purpose of AllowanceCrowdsale test
* Increase specificity of inheritance comments
FinalizableCrowdsale and RefundableCrowsale both have comments
indicating that they are extensions of the Crowdsale contract.
This commit refines those comments to the most immediate ancestor
( TimedCrowdsale and RefundableCrowdsale respectively )
* Remove unused parameter in PaymentSplitter test
* Rename parameter in SignatureBouncer functions
The SignatureBouncer contract has modifiers to validate the
message sender is authorised to perform an action. They pass
msg.sender to internal functions as the variable `account`, but
the function comments refer to the variable as `sender`
This commit changes the variable name to `sender`
* Clarify comments in SignatureBouncer functions
The SignatureBouncer has comments that use the description
`sender` to refer to the variable `account`.
This commit updates the comments for consistency.
Maintainer Note: this reverts changes in the previous commit,
which renamed the variable `account` instead.
* Add the solidity linter command to the PR template
The PR template states that a contributor should run the
Solidity/JS linters before submission. However, it only states the
command for the JS linter.
This commit adds the Solidity linter command explicitly.
* Use past tense in the list of prerequisites
* Refactor Counter to support increment and decrement.
* Move Counter out of drafts.
* Refactor ERC721 to use Counter.
* Rollback Counter returning the current value in increment and decrement.
* Update test/drafts/Counter.test.js
Co-Authored-By: nventuro <nicolas.venturo@gmail.com>
* Improve Counter documentation.
* Move Counter.test to utils.
* Move back Counter to drafts.
* Adding solhint, working on style fixes.
* Upgraded to solhint 1.5.0.
* Removed all references to Solium
* Updated mocks to make the pass the new linter rules.
* Reformatted the .solhint.json file a bit.
* Removed Solium configuration files.
* Remove Solium dependency.
* Add comment explaing disabled time rule in TokenVesting.
* Revert to the old (ugly?) style.
* Revert SignatureBouncerMock style.
* Fix ERC165InterfacesSupported interface.
* Now compiling in a separate directory using truffle 5.
* Ported to 0.5.1, now compiling using 0.5.1.
* test now also compiles using the truffle 5 hack.
* Downgraded to 0.5.0.
* Sorted scripts.
* Cleaned up the compile script a bit.
* signed safe math
* fix lint errors
* refactor overflow checks and add descriptions
* remove incorrect description
* add test for reversed arguments in multiplication test
* fix power operator
* improve multiplication test descriptions
* Update SafeMath.test.js
* add feature to changelog
* Added PausableCrowdsale contract
* Changed inheritance order to prevent "Linearization of inheritance graph impossible" error
* Updated mock PausableCrowdsaleImpl to new constructor syntax
* Broke function definition to multiple lines
Comply with new max line length
* Rename events to past-tense in PausableCrowdsale test
* Removed should.be.fullfilled from PausableCrowdsale tests
* Change import assertRevert to require in PausableCrowdsale tests
* Remove dependency on chai-as-promised and added BigNumber support in PausableCrowdsale tests
* reindent solidity with 4 spaces
* add missing view modifier in _preValidatePurchase
* convert assertRevert to new shoulFail helper
* add new setup helper
* use expectEvent
* convert to assert to chai should style
* add description to beforeEach blocks
* extract common step to beforeEach
* improve documentation
* revert inheritance error
* move PausableCrowdsale into crowdsale/validation
* make documentation more specific
* put whitespace in line with convention
* improve test suite account names
* undo beforeEach descriptions
* simplify tests
* fix transaction senders to be the anyone account
* make transaction senders more explicit
* remove mocha only
* Now only swapping when needed.
* Removed _addTokenTo and _removeTokenFrom
* Removed removeTokenFrom test.
* Added tests for ERC721 _mint and _burn
* _burn now uses the same swap and pop mechanism as _removeFromOwner
* Gas optimization on burn
* Added WhitelisterRole.
* Added WhitelisteeRole and WhitelistedCrowdsale.
* Added WhitelistedCrowdsale tests.
* Whitelisters can now remove Whitelistees.
* PublicRole.behavior now supports a manager account, added Whitelistee tests.
* Rephrased tests, added test for whitelistees doing invalid purchases.
* Fixed linter error.
* Fixed typos
Co-Authored-By: nventuro <nicolas.venturo@gmail.com>
* Working around JS quirks
Co-Authored-By: nventuro <nicolas.venturo@gmail.com>
* Update PublicRole.behavior.js
* Renamed WhitelisteeRole to WhitelistedRole.
* Renamed WhitelistedCrowdsale to WhitelistCrowdsale.
* Now using the new test helper.
* Added basic documentation.
* Added advanceBlock to time, moved tests around.
* Removed the standalone advanceBlock.
* Removed the 'id' field
* Fixed linter error.
* Removed the 'latest' test, since it only works if time hasn't been fast-forwarded.
* Removed .only directive.
* transferFrom now emits an Approval event, indicating the updated allowance.
* Updated burnFrom to also emit Approval.
* Added notices about the extra Approval events.
* Added inTransaction tests.
* Added expectEvent.inConstructor.
* Changed inTransaction, removed decodeLogs.
* Flipped comparison to improve the error message.
* Improved expectEvent tests.
* Migrated tests to use expectEvent.
* Added roles constructor tests.
* Fixed linter errors.
* Made lodash a dev dependency.
* Added more inLogs tests.
* Update expectEvent.test.js
* Removed lodash.
* Moved role constructor tests to public role behavior.
* Revert "Flipped comparison to improve the error message."
This reverts commit 438c57833d.
* Replaced chai-as-promised with shouldFail.
* Rolled back Travis stages
* Rolled back the rolled-back changes.
* Renamed jobs, coverage can no longer fail.
* Cleaned up the yaml file a bit.
* Updated coveralls badge.
Small change in test description, should be "allows to approve..." instead of "allow to transfer..." in approve section, where test actualy try to approve, not to transfer.
* Remove redundant require statements
Now that SafeMath uses require, the require statements are redundant. They were also previously inconsistent because they were only included in some functions, but not others
* Update ERC20.sol
* Made _clearApproval private, added clarifying comments in _addTokenTo and _removeTokenFrom.
* Added approval information.
(cherry picked from commit 8204f6a71f)
* Improved TokenVesting events.
* Added extra checks to TokenVesting.
* Renamed the events.
* Fixed linter error.
* Fixed a test that failed to cover a require.
* Renamed TokensRevoked to TokenVestingRevoked.
(cherry picked from commit 67dac7ae99)
* Replaced assertJump, assertRevert and expectThrow with shouldFail.
* Fixed linter errors.
* Fixed typo.
* Made the helpers async.
(cherry picked from commit b0da0fded0)
* Add BigNumber support to expectEvent/inLogs (#1026)
* switched direct logs array check to expectEvent method in AllowanceCrowdsale.test.js
* Refactor expectEvent.inLogs function to use simple value number check
* Introduced should.be.bignumber method to compare BigNumber values
* Use expectEvent to test logs (#1232)
* Removed trailing space
(cherry picked from commit 536262f2ec)
* Add BigNumber support to expectEvent/inLogs (#1026)
* switched direct logs array check to expectEvent method in AllowanceCrowdsale.test.js
* Refactor expectEvent.inLogs function to use simple value number check
* Introduced should.be.bignumber method to compare BigNumber values
* Destructure transaction object to extract logs field
(cherry picked from commit 947de54cee)
* Add Arrays library with unit tests (#1209)
* prepared due to snapshot token requirements
* add library with method to find upper bound
* add unit test for basic and edge cases
* Imporove documentation for Arrays library
Simplify Arrays.test.js to use short arrays as test date
* Added comment for uint256 mid variable.
* Explaned why uint256 mid variable calculated as Math.average is safe to use as index of array.
(cherry picked from commit f7e53d90fa)
* Improved TokenVesting events.
* Added extra checks to TokenVesting.
* Renamed the events.
* Fixed linter error.
* Fixed a test that failed to cover a require.
* Renamed TokensRevoked to TokenVestingRevoked.
* Add Arrays library with unit tests (#1209)
* prepared due to snapshot token requirements
* add library with method to find upper bound
* add unit test for basic and edge cases
* Imporove documentation for Arrays library
Simplify Arrays.test.js to use short arrays as test date
* Added comment for uint256 mid variable.
* Explaned why uint256 mid variable calculated as Math.average is safe to use as index of array.
* separate part of ERC721Mintable into ERC721MetadataMintable
* remove mint and burn from 721 tests
* Fixed linter error.
* fix ERC721 mint tests
* Minor fixes.
(cherry picked from commit 744f567f40)
* separate part of ERC721Mintable into ERC721MetadataMintable
* remove mint and burn from 721 tests
* Fixed linter error.
* fix ERC721 mint tests
* Minor fixes.
* Fixed a broken payment test
* In PR template, npm run lint:fix, not lint:all:fix
* In SplitPayment test, replaced an await-in-loop with Promise.all
(cherry picked from commit b79196f911)
* Add BigNumber support to expectEvent/inLogs (#1026)
* switched direct logs array check to expectEvent method in AllowanceCrowdsale.test.js
* Refactor expectEvent.inLogs function to use simple value number check
* Introduced should.be.bignumber method to compare BigNumber values
* Use expectEvent to test logs (#1232)
* Removed trailing space
* Add BigNumber support to expectEvent/inLogs (#1026)
* switched direct logs array check to expectEvent method in AllowanceCrowdsale.test.js
* Refactor expectEvent.inLogs function to use simple value number check
* Introduced should.be.bignumber method to compare BigNumber values
* Destructure transaction object to extract logs field
* release candidate v2.0.0-rc.1
* fix linter error
(cherry picked from commit c12a1c6898)
* Roles now emit events in construction and when renouncing.
(cherry picked from commit 21198bf1c1)
* rename Index.currentId to current
* use += operator for clarity
* rename Counter.Index to Counter.Counter
* move Counter to drafts
(cherry picked from commit 3e55408cb5)
* Extract standard token behaviuor to reuse it in other tests
* Add opt in ERC20 migration contract
* Make migration contract not to depend from standard token
* Changes based on feedback
* Improve MigratableERC20 inline documentation
* move behaviors to behaviors directory
* refactor MigratableERC20 into ERC20Migrator
* fix errors
* change expectEvent to support multiple events with same name
* fix tests
* update documentation
* rename MigratableERC20 files to ERC20Migrator
* move to drafts
* test beginMigration
* rename to ERC20Migrator
* missing semicolon (╯°□°)╯︵ ┻━┻
* add non-zero check
* improve documentation based on review comments
* improve test descriptions
* improve docs
* add getters
* fix contract
* improve tests
* The role library now requires non-zero addresses.
* Fixed SignatureBouncer checks with null address.
* change ternary operator for or operator
* adapt to new variable name convention
* Update Roles.sol
* Role tests (#1228)
* Moved RBAC tests to access.
* Added Roles.addMany and tests.
* Fixed linter error.
* Now using uint256 indexes.
* Removed RBAC tokens (#1229)
* Deleted RBACCappedTokenMock.
* Removed RBACMintableToken.
* Removed RBACMintableToken from the MintedCrowdsale tests.
* Roles can now be transfered. (#1235)
* Roles can now be transfered.
* Now explicitly checking support for the null address.
* Now rejecting transfer to a role-haver.
* Added renounce, roles can no longer be transfered to 0.
* Fixed linter errors.
* Fixed a Roles test.
* True Ownership (#1247)
* Added barebones Secondary.
* Added transferPrimary
* Escrow is now Secondary instead of Ownable.
* Now reverting on transfers to 0.
* The Secondary's primary is now private.
* Improve encapsulation on ERC165
* Improve encapsulation on ERC20
* Improve encapsulation on ERC721
* Add tests, use standard getters
* fix tests
* Fix lint
* MintableToken using Roles (#1236)
* Minor test style improvements (#1219)
* Changed .eq to .equal
* Changed equal(bool) to .to.be.bool
* Changed be.bool to equal(bool), disallowed unused expressions.
* Add ERC165Query library (#1086)
* Add ERC165Query library
* Address PR Comments
* Add tests and mocks from #1024 and refactor code slightly
* Fix javascript and solidity linting errors
* Split supportsInterface into three methods as discussed in #1086
* Change InterfaceId_ERC165 comment to match style in the rest of the repo
* Fix max-len lint issue on ERC165Checker.sol
* Conditionally ignore the asserts during solidity-coverage test
* Switch to abi.encodeWithSelector and add test for account addresses
* Switch to supportsInterfaces API as suggested by @frangio
* Adding ERC165InterfacesSupported.sol
* Fix style issues
* Add test for supportsInterfaces returning false
* Add ERC165Checker.sol newline
* feat: fix coverage implementation
* fix: solidity linting error
* fix: revert to using boolean tests instead of require statements
* fix: make supportsERC165Interface private again
* rename SupportsInterfaceWithLookupMock to avoid name clashing
* Added mint and burn tests for zero amounts. (#1230)
* Changed .eq to .equal. (#1231)
* ERC721 pausable token (#1154)
* ERC721 pausable token
* Reuse of ERC721 Basic behavior for Pausable, split view checks in paused state & style fixes
* [~] paused token behavior
* Add some detail to releasing steps (#1190)
* add note about pulling upstream changes to release branch
* add comment about upstream changes in merging section
* Increase test coverage (#1237)
* Fixed a SplitPayment test
* Deleted unnecessary function.
* Improved PostDeliveryCrowdsale tests.
* Improved RefundableCrowdsale tests.
* Improved MintedCrowdsale tests.
* Improved IncreasingPriceCrowdsale tests.
* Fixed a CappedCrowdsale test.
* Improved TimedCrowdsale tests.
* Improved descriptions of added tests.
* ci: trigger docs update on tag (#1186)
* MintableToken now uses Roles.
* Fixed FinalizableCrowdsale test.
* Roles can now be transfered.
* Fixed tests related to MintableToken.
* Removed Roles.check.
* Renamed transferMintPermission.
* Moved MinterRole
* Fixed RBAC.
* Adressed review comments.
* Addressed review comments
* Fixed linter errors.
* Added Events tests of Pausable contract (#1207)
* Fixed roles tests.
* Rename events to past-tense (#1181)
* fix: refactor sign.js and related tests (#1243)
* fix: refactor sign.js and related tests
* fix: remove unused dep
* fix: update package.json correctly
* Added "_" sufix to internal variables (#1171)
* Added PublicRole test.
* Fixed crowdsale tests.
* Rename ERC interfaces to I prefix (#1252)
* rename ERC20 to IERC20
* move ERC20.sol to IERC20.sol
* rename StandardToken to ERC20
* rename StandardTokenMock to ERC20Mock
* move StandardToken.sol to ERC20.sol, likewise test and mock files
* rename MintableToken to ERC20Mintable
* move MintableToken.sol to ERC20Mintable.sol, likewise test and mock files
* rename BurnableToken to ERC20Burnable
* move BurnableToken.sol to ERC20Burnable.sol, likewise for related files
* rename CappedToken to ERC20Capped
* move CappedToken.sol to ERC20Capped.sol, likewise for related files
* rename PausableToken to ERC20Pausable
* move PausableToken.sol to ERC20Pausable.sol, likewise for related files
* rename DetailedERC20 to ERC20Detailed
* move DetailedERC20.sol to ERC20Detailed.sol, likewise for related files
* rename ERC721 to IERC721, and likewise for other related interfaces
* move ERC721.sol to IERC721.sol, likewise for other 721 interfaces
* rename ERC721Token to ERC721
* move ERC721Token.sol to ERC721.sol, likewise for related files
* rename ERC721BasicToken to ERC721Basic
* move ERC721BasicToken.sol to ERC721Basic.sol, likewise for related files
* rename ERC721PausableToken to ERC721Pausable
* move ERC721PausableToken.sol to ERC721Pausable.sol
* rename ERC165 to IERC165
* move ERC165.sol to IERC165.sol
* amend comment that ERC20 is based on FirstBlood
* fix comments mentioning IERC721Receiver
* added explicit visibility (#1261)
* Remove underscores from event parameters. (#1258)
* Remove underscores from event parameters.
Fixes#1175
* Add comment about ERC
* Move contracts to subdirectories (#1253)
* Move contracts to subdirectories
Fixes#1177.
This Change also removes the LimitBalance contract.
* fix import
* move MerkleProof to cryptography
* Fix import
* Remove HasNoEther, HasNoTokens, HasNoContracts, and NoOwner (#1254)
* remove HasNoEther, HasNoTokens, HasNoContracts, and NoOwner
* remove unused ERC223TokenMock
* remove Contactable
* remove TokenDestructible
* remove DeprecatedERC721
* inline Destructible#destroy in Bounty
* remove Destructible
* Functions in interfaces changed to "external" (#1263)
* Add a leading underscore to internal and private functions. (#1257)
* Add a leading underscore to internal and private functions.
Fixes#1176
* Remove super
* update the ERC721 changes
* add missing underscore after merge
* Fix mock
* Improve encapsulation on SignatureBouncer, Whitelist and RBAC example (#1265)
* Improve encapsulation on Whitelist
* remove only
* update whitelisted crowdsale test
* Improve encapsulation on SignatureBouncer
* fix missing test
* Improve encapsulation on RBAC example
* Improve encapsulation on RBAC example
* Remove extra visibility
* Improve encapsulation on ERC20 Mintable
* Improve encapsulation on Superuser
* fix lint
* add missing constant
* Addressed review comments.
* Fixed build error.
* move interface ids to implementation contracts
* Do not prefix getters
* Improve encapsulation on Crowdsales
* add missing tests
* remove only
* Improve encapsulation on Pausable
* add the underscore
* Improve encapsulation on ownership
* fix rebase
* fix ownership
* Improve encapsulation on payments
* Add missing tests
* add missing test
* Do not prefix getters
* Do not prefix getters
* Fix tests.
* Update modifiers to call public view functions.
Fixes#1179.
* Improve encapsulation on BreakInvariantBounty
* Make researchers private
* Improve encapsulation on Crowdsales
* add missing tests
* remove only
* Improve encapsulation on Pausable
* add the underscore
* Improve encapsulation on ownership
* fix rebase
* fix ownership
* Improve encapsulation on payments
* Add missing tests
* add missing test
* Do not prefix getters
* Do not prefix getters
* Do not prefix getters
* Fix tests.
* tmp
* remove isMinter
* fix is owner call
* fix isOpen
* Fix merge
* tmp
* Improve encapsulation on TimedCrowdsale
* Add missing parentheses
* Use prefix underscore for state variables and no underscore for parameters
* Improved Roles API. (#1280)
* Improved Roles API.
* fix linter error
* Added PauserRole. (#1283)
* remove duplicate function definition
* Remove Claimable, DelayedClaimable, Heritable (#1274)
* remove Claimable, DelayedClaimable, Heritable
* remove SimpleSavingsWallet example which used Heritable
(cherry picked from commit 0dc711732a)
* Role behavior tests (#1285)
* Added role tests.
* Added PauserRole tests to contracts that have that role.
* Added MinterRole tests to contracts that have that role.
* Fixed linter errors.
* Migrate Ownable to Roles (#1287)
* Added CapperRole.
* RefundEscrow is now Secondary.
* FinalizableCrowdsale is no longer Ownable.
* Removed Whitelist and WhitelistedCrowdsale, redesign needed.
* Fixed linter errors, disabled lbrace due to it being buggy.
* Remove RBAC, SignatureBouncer refactor (#1289)
* Added CapperRole.
* RefundEscrow is now Secondary.
* FinalizableCrowdsale is no longer Ownable.
* Removed Whitelist and WhitelistedCrowdsale, redesign needed.
* Fixed linter errors, disabled lbrace due to it being buggy.
* Moved SignatureBouncer tests.
* Deleted RBAC and Superuser.
* Deleted rbac directory.
* Updated readme.
* SignatureBouncer now uses SignerRole, renamed bouncer to signer.
* feat: implement ERC721Mintable and ERC721Burnable (#1276)
* feat: implement ERC721Mintable and ERC721Burnable
* fix: linting errors
* fix: remove unused mintable mock for ERC721BasicMock
* fix: add finishMinting tests
* fix: catch MintFinished typo
* inline ERC721Full behavior
* undo pretty formatting
* fix lint errors
* rename canMint to onlyBeforeMintingFinished for consistency with ERC20Mintable
* Fix the merge with the privatization branch
* fix lint
* Remove underscore
* Delete CapperRole.test.js
* fix increaseApproval
* rename {increase,decrease}Approval to {increase,decrease}Allowance
* add non-zero spender check to approve and {increase,decrease}Allowance
* Updated tests to reflect the new behavior.
* fix wrong test description
* fix old function names
* Fixed linter error.
* Fixed typo.
* Role tests (#1228)
* Moved RBAC tests to access.
* Added Roles.addMany and tests.
* Fixed linter error.
* Now using uint256 indexes.
* Removed RBAC tokens (#1229)
* Deleted RBACCappedTokenMock.
* Removed RBACMintableToken.
* Removed RBACMintableToken from the MintedCrowdsale tests.
* Roles can now be transfered. (#1235)
* Roles can now be transfered.
* Now explicitly checking support for the null address.
* Now rejecting transfer to a role-haver.
* Added renounce, roles can no longer be transfered to 0.
* Fixed linter errors.
* Fixed a Roles test.
* True Ownership (#1247)
* Added barebones Secondary.
* Added transferPrimary
* Escrow is now Secondary instead of Ownable.
* Now reverting on transfers to 0.
* The Secondary's primary is now private.
* MintableToken using Roles (#1236)
* Minor test style improvements (#1219)
* Changed .eq to .equal
* Changed equal(bool) to .to.be.bool
* Changed be.bool to equal(bool), disallowed unused expressions.
* Add ERC165Query library (#1086)
* Add ERC165Query library
* Address PR Comments
* Add tests and mocks from #1024 and refactor code slightly
* Fix javascript and solidity linting errors
* Split supportsInterface into three methods as discussed in #1086
* Change InterfaceId_ERC165 comment to match style in the rest of the repo
* Fix max-len lint issue on ERC165Checker.sol
* Conditionally ignore the asserts during solidity-coverage test
* Switch to abi.encodeWithSelector and add test for account addresses
* Switch to supportsInterfaces API as suggested by @frangio
* Adding ERC165InterfacesSupported.sol
* Fix style issues
* Add test for supportsInterfaces returning false
* Add ERC165Checker.sol newline
* feat: fix coverage implementation
* fix: solidity linting error
* fix: revert to using boolean tests instead of require statements
* fix: make supportsERC165Interface private again
* rename SupportsInterfaceWithLookupMock to avoid name clashing
* Added mint and burn tests for zero amounts. (#1230)
* Changed .eq to .equal. (#1231)
* ERC721 pausable token (#1154)
* ERC721 pausable token
* Reuse of ERC721 Basic behavior for Pausable, split view checks in paused state & style fixes
* [~] paused token behavior
* Add some detail to releasing steps (#1190)
* add note about pulling upstream changes to release branch
* add comment about upstream changes in merging section
* Increase test coverage (#1237)
* Fixed a SplitPayment test
* Deleted unnecessary function.
* Improved PostDeliveryCrowdsale tests.
* Improved RefundableCrowdsale tests.
* Improved MintedCrowdsale tests.
* Improved IncreasingPriceCrowdsale tests.
* Fixed a CappedCrowdsale test.
* Improved TimedCrowdsale tests.
* Improved descriptions of added tests.
* ci: trigger docs update on tag (#1186)
* MintableToken now uses Roles.
* Fixed FinalizableCrowdsale test.
* Roles can now be transfered.
* Fixed tests related to MintableToken.
* Removed Roles.check.
* Renamed transferMintPermission.
* Moved MinterRole
* Fixed RBAC.
* Adressed review comments.
* Addressed review comments
* Fixed linter errors.
* Added Events tests of Pausable contract (#1207)
* Fixed roles tests.
* Rename events to past-tense (#1181)
* fix: refactor sign.js and related tests (#1243)
* fix: refactor sign.js and related tests
* fix: remove unused dep
* fix: update package.json correctly
* Added "_" sufix to internal variables (#1171)
* Added PublicRole test.
* Fixed crowdsale tests.
* Rename ERC interfaces to I prefix (#1252)
* rename ERC20 to IERC20
* move ERC20.sol to IERC20.sol
* rename StandardToken to ERC20
* rename StandardTokenMock to ERC20Mock
* move StandardToken.sol to ERC20.sol, likewise test and mock files
* rename MintableToken to ERC20Mintable
* move MintableToken.sol to ERC20Mintable.sol, likewise test and mock files
* rename BurnableToken to ERC20Burnable
* move BurnableToken.sol to ERC20Burnable.sol, likewise for related files
* rename CappedToken to ERC20Capped
* move CappedToken.sol to ERC20Capped.sol, likewise for related files
* rename PausableToken to ERC20Pausable
* move PausableToken.sol to ERC20Pausable.sol, likewise for related files
* rename DetailedERC20 to ERC20Detailed
* move DetailedERC20.sol to ERC20Detailed.sol, likewise for related files
* rename ERC721 to IERC721, and likewise for other related interfaces
* move ERC721.sol to IERC721.sol, likewise for other 721 interfaces
* rename ERC721Token to ERC721
* move ERC721Token.sol to ERC721.sol, likewise for related files
* rename ERC721BasicToken to ERC721Basic
* move ERC721BasicToken.sol to ERC721Basic.sol, likewise for related files
* rename ERC721PausableToken to ERC721Pausable
* move ERC721PausableToken.sol to ERC721Pausable.sol
* rename ERC165 to IERC165
* move ERC165.sol to IERC165.sol
* amend comment that ERC20 is based on FirstBlood
* fix comments mentioning IERC721Receiver
* added explicit visibility (#1261)
* Remove underscores from event parameters. (#1258)
* Remove underscores from event parameters.
Fixes#1175
* Add comment about ERC
* Move contracts to subdirectories (#1253)
* Move contracts to subdirectories
Fixes#1177.
This Change also removes the LimitBalance contract.
* fix import
* move MerkleProof to cryptography
* Fix import
* Remove HasNoEther, HasNoTokens, HasNoContracts, and NoOwner (#1254)
* remove HasNoEther, HasNoTokens, HasNoContracts, and NoOwner
* remove unused ERC223TokenMock
* remove Contactable
* remove TokenDestructible
* remove DeprecatedERC721
* inline Destructible#destroy in Bounty
* remove Destructible
* Functions in interfaces changed to "external" (#1263)
* Add a leading underscore to internal and private functions. (#1257)
* Add a leading underscore to internal and private functions.
Fixes#1176
* Remove super
* update the ERC721 changes
* add missing underscore after merge
* Fix mock
* Improve encapsulation on SignatureBouncer, Whitelist and RBAC example (#1265)
* Improve encapsulation on Whitelist
* remove only
* update whitelisted crowdsale test
* Improve encapsulation on SignatureBouncer
* fix missing test
* Improve encapsulation on RBAC example
* Improve encapsulation on RBAC example
* Remove extra visibility
* Improve encapsulation on ERC20 Mintable
* Improve encapsulation on Superuser
* fix lint
* add missing constant
* Addressed review comments.
* Fixed build error.
* Improved Roles API. (#1280)
* Improved Roles API.
* fix linter error
* Added PauserRole. (#1283)
* Remove Claimable, DelayedClaimable, Heritable (#1274)
* remove Claimable, DelayedClaimable, Heritable
* remove SimpleSavingsWallet example which used Heritable
(cherry picked from commit 0dc711732a)
* Role behavior tests (#1285)
* Added role tests.
* Added PauserRole tests to contracts that have that role.
* Added MinterRole tests to contracts that have that role.
* Fixed linter errors.
* Migrate Ownable to Roles (#1287)
* Added CapperRole.
* RefundEscrow is now Secondary.
* FinalizableCrowdsale is no longer Ownable.
* Removed Whitelist and WhitelistedCrowdsale, redesign needed.
* Fixed linter errors, disabled lbrace due to it being buggy.
* Remove RBAC, SignatureBouncer refactor (#1289)
* Added CapperRole.
* RefundEscrow is now Secondary.
* FinalizableCrowdsale is no longer Ownable.
* Removed Whitelist and WhitelistedCrowdsale, redesign needed.
* Fixed linter errors, disabled lbrace due to it being buggy.
* Moved SignatureBouncer tests.
* Deleted RBAC and Superuser.
* Deleted rbac directory.
* Updated readme.
* SignatureBouncer now uses SignerRole, renamed bouncer to signer.
* feat: implement ERC721Mintable and ERC721Burnable (#1276)
* feat: implement ERC721Mintable and ERC721Burnable
* fix: linting errors
* fix: remove unused mintable mock for ERC721BasicMock
* fix: add finishMinting tests
* fix: catch MintFinished typo
* inline ERC721Full behavior
* undo pretty formatting
* fix lint errors
* rename canMint to onlyBeforeMintingFinished for consistency with ERC20Mintable
* Fix the merge with the privatization branch
* remove duplicate CapperRole test
* Improve encapsulation on ERC165
* Improve encapsulation on ERC20
* Improve encapsulation on ERC721
* Add tests, use standard getters
* fix tests
* Fix lint
* move interface ids to implementation contracts
* Do not prefix getters
* rename proposals directory to drafts directory
* move TokenVesting and SignatureBouncer to drafts/
* rename BouncerMock.sol to SignatureBouncerMock.sol
* Improve encapsulation on Whitelist
* remove only
* update whitelisted crowdsale test
* Improve encapsulation on SignatureBouncer
* fix missing test
* Improve encapsulation on RBAC example
* Improve encapsulation on RBAC example
* Remove extra visibility
* Improve encapsulation on ERC20 Mintable
* Improve encapsulation on Superuser
* fix lint
* add missing constant
* Add a leading underscore to internal and private functions.
Fixes#1176
* Remove super
* update the ERC721 changes
* add missing underscore after merge
* Fix mock
* Move contracts to subdirectories
Fixes#1177.
This Change also removes the LimitBalance contract.
* fix import
* move MerkleProof to cryptography
* Fix import
* rename ERC20 to IERC20
* move ERC20.sol to IERC20.sol
* rename StandardToken to ERC20
* rename StandardTokenMock to ERC20Mock
* move StandardToken.sol to ERC20.sol, likewise test and mock files
* rename MintableToken to ERC20Mintable
* move MintableToken.sol to ERC20Mintable.sol, likewise test and mock files
* rename BurnableToken to ERC20Burnable
* move BurnableToken.sol to ERC20Burnable.sol, likewise for related files
* rename CappedToken to ERC20Capped
* move CappedToken.sol to ERC20Capped.sol, likewise for related files
* rename PausableToken to ERC20Pausable
* move PausableToken.sol to ERC20Pausable.sol, likewise for related files
* rename DetailedERC20 to ERC20Detailed
* move DetailedERC20.sol to ERC20Detailed.sol, likewise for related files
* rename ERC721 to IERC721, and likewise for other related interfaces
* move ERC721.sol to IERC721.sol, likewise for other 721 interfaces
* rename ERC721Token to ERC721
* move ERC721Token.sol to ERC721.sol, likewise for related files
* rename ERC721BasicToken to ERC721Basic
* move ERC721BasicToken.sol to ERC721Basic.sol, likewise for related files
* rename ERC721PausableToken to ERC721Pausable
* move ERC721PausableToken.sol to ERC721Pausable.sol
* rename ERC165 to IERC165
* move ERC165.sol to IERC165.sol
* amend comment that ERC20 is based on FirstBlood
* fix comments mentioning IERC721Receiver
* Add ERC165Query library
* Address PR Comments
* Add tests and mocks from #1024 and refactor code slightly
* Fix javascript and solidity linting errors
* Split supportsInterface into three methods as discussed in #1086
* Change InterfaceId_ERC165 comment to match style in the rest of the repo
* Fix max-len lint issue on ERC165Checker.sol
* Conditionally ignore the asserts during solidity-coverage test
* Switch to abi.encodeWithSelector and add test for account addresses
* Switch to supportsInterfaces API as suggested by @frangio
* Adding ERC165InterfacesSupported.sol
* Fix style issues
* Add test for supportsInterfaces returning false
* Add ERC165Checker.sol newline
* feat: fix coverage implementation
* fix: solidity linting error
* fix: revert to using boolean tests instead of require statements
* fix: make supportsERC165Interface private again
* rename SupportsInterfaceWithLookupMock to avoid name clashing
* tests: use stages for the travis execution
Fixes#694
* add comments as suggested by @nventuro
* move the unit tests first, as suggested by @frangio
* make stages clearer as suggested by @nventuro
* tests: use stages for the travis execution
Fixes#694
* add comments as suggested by @nventuro
* move the unit tests first, as suggested by @frangio
* make stages clearer as suggested by @nventuro
* update the stage names as suggested by @frangio
* Run all tests in parallel
* added names
* make StandardToken state variables private
* simplify mocks
* document new internal functions
* fix link to ERC20 document
* revert order of Transfer and Mint events
* Revert "simplify mocks"
This reverts commit 371fe3e567.
* add tests for new internal functions
* add check for null account
* add checks for balances and allowance
* add inline docs to BurnableToken._burn
* remove redundant checks and clarify why
* Consolidted ERC20 Interface and Implementation Files
* Fixed CanReclaimToken's tests to use StandardTokenMock instead of BasicTokenMock
* Changed token's variable type in TokenTimelock to ERC20
* Merged the StandardBurnableToken with BurnableToken since it now inherits from StandardToken; Fixed TokenTimelock so it uses SafeERC20 for ERC20
* Fixed variable type for _token in TokenTimelock constructor
* Fixed linting warning in BurnableToken
* Added back burnFrom tests.
* Add an initial document for our release process
* add more detail and explanation to releasing guide
* fix details of the RELEASING.md document
* Update RELEASING.md
* Update RELEASING.md
* Update RELEASING.md
* Update RELEASING.md
* fixed visibility warnings
* solved visibility and line length warning
* change a test assertion that fails due to chai dependence update
* linter, constructor style and solved visibility warnings
* Changed Windows line endings to Unix.
* Add EditorConfig file.
This allows users with a wide variety of editors to easily code in
OpenZeppelin's preferred 2 space indentation code style.
See https://editorconfig.org for more information.
* Eslint: Always disallow trailing space
* Eslint: Error on missing EOL at file end
* Added an Architecture section that speaks to the different types of contracts
* Added a Tests section that provides high-level visibility into what is used for unit testing
* Added a How To Use and Modify OpenZeppelin Contracts section
* Added development principles to the existing Security section
We now ensure that if an exception is thrown while awaiting the promise,
the exception _has_ to be a revert. We throw 'Expected revert not
received' only afterwards. This solves any problems with confusing the
word 'revert'.
Fix#775
* Update StandardToken.sol
* Slight improvement in gas efficiency
Users tend to attempt to over-spend more than they attempt to burn non-burnable tokens. If the contract checks for overspending before assuring tokens are not being burnt a slight amount of gas might be saved in the long term.
* Assume that token is mintable.
* ECRecover test should revert because of wrong calldata size
* fix: use expectThrow
* fix: ignore failing test until solc^0.5.0
<!-- Briefly describe the issue you are experiencing (or the feature you want to see added to OpenZeppelin). Tell us what you were trying to do and what happened instead.**Remember, this is _not_ a place to ask for help debugging code; for that, we welcome you in the [OpenZeppelin Slack Channel](https://slack.openzeppelin.org/).** -->
- [ ] 🐛 This is a bug report.
- [ ] 📈 This is a feature request.
<!-- Please check one of the above by placing an x in the box. -->
## 💻 Environment
Next, we need to know what your environment looks like.
- Which version of OpenZeppelin are you using?
- What network are you deploying to? Ganache? Ropsten?
- How are you deploying your OpenZeppelin-backed contracts? truffle? Remix? Let us know!
## 📝 Details
Describe the problem you have been experiencing in more detail. Include as much information as you think is relevant. Keep in mind that transactions can fail for many reasons; context is key here.
## 🔢 Code To Reproduce Issue [ Good To Have ]
Please remember that with sample code it's easier to reproduce the bug and it's much faster to fix it.
```
insert short code snippets here
```
<!-- If your code is larger, consider linking us to a repo illustrating your issue. -->
## 👍 Other Information
<!-- List any other information that is relevant to your issue. Error logs, related issues, suggestions on how to fix, Stack Overflow links, forum links, etc. -->
<!-- Briefly describe the issue you're experiencing. Tell us what you were trying to do and what happened instead. -->
<!-- Remember, this is not a place to ask for help debugging code. For that, we welcome you in the OpenZeppelin Community Forum: https://forum.openzeppelin.com/. -->
**💻 Environment**
<!-- Tell us what version of OpenZeppelin Contracts you're using, and how you're using it: Truffle, Remix, etc. -->
**📝 Details**
<!-- Describe the problem you have been experiencing in more detail. Include as much information as you think is relevant. Keep in mind that transactions can fail for many reasons; context is key here. -->
**🔢 Code to reproduce bug**
<!-- We will be able to better help if you provide a minimal example that triggers the bug. -->
-`GovernorCompatibilityBravo`: Fix encoding of proposal data when signatures are missing.
-`TransparentUpgradeableProxy`: Fix transparency in case of selector clash with non-decodable calldata or payable mutability. ([#4154](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/4154))
## 4.8.2 (2023-03-02)
-`ERC721Consecutive`: Fixed a bug when `_mintConsecutive` is used for batches of size 1 that could lead to balance overflow. Refer to the breaking changes section in the changelog for a note on the behavior of `ERC721._beforeTokenTransfer`.
### Breaking changes
-`ERC721`: The internal function `_beforeTokenTransfer` no longer updates balances, which it previously did when `batchSize` was greater than 1. This change has no consequence unless a custom ERC721 extension is explicitly invoking `_beforeTokenTransfer`. Balance updates in extensions must now be done explicitly using `__unsafe_increaseBalance`, with a name that indicates that there is an invariant that has to be manually verified.
## 4.8.1 (2023-01-13)
*`ERC4626`: Use staticcall instead of call when fetching underlying ERC-20 decimals. ([#3943](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3943))
## 4.8.0 (2022-11-08)
*`TimelockController`: Added a new `admin` constructor parameter that is assigned the admin role instead of the deployer account. ([#3722](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3722))
*`Initializable`: add internal functions `_getInitializedVersion` and `_isInitializing` ([#3598](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3598))
*`ERC165Checker`: add `supportsERC165InterfaceUnchecked` for consulting individual interfaces without the full ERC165 protocol. ([#3339](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3339))
*`Address`: optimize `functionCall` by calling `functionCallWithValue` directly. ([#3468](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3468))
*`Address`: optimize `functionCall` functions by checking contract size only if there is no returned data. ([#3469](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3469))
*`Governor`: make the `relay` function payable, and add support for EOA payments. ([#3730](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3730))
*`ERC20`: optimize `_transfer`, `_mint` and `_burn` by using `unchecked` arithmetic when possible. ([#3513](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3513))
*`ERC20Votes`, `ERC721Votes`: optimize `getPastVotes` for looking up recent checkpoints. ([#3673](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3673))
*`ERC20FlashMint`: add an internal `_flashFee` function for overriding. ([#3551](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3551))
*`ERC4626`: use the same `decimals()` as the underlying asset by default (if available). ([#3639](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3639))
*`ERC4626`: add internal `_initialConvertToShares` and `_initialConvertToAssets` functions to customize empty vaults behavior. ([#3639](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3639))
*`ERC721`: optimize transfers by making approval clearing implicit instead of emitting an event. ([#3481](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3481))
*`ERC721`: optimize burn by making approval clearing implicit instead of emitting an event. ([#3538](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3538))
*`ERC721`: Fix balance accounting when a custom `_beforeTokenTransfer` hook results in a transfer of the token under consideration. ([#3611](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3611))
*`ERC721`: use unchecked arithmetic for balance updates. ([#3524](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3524))
*`ERC721Consecutive`: Implementation of EIP-2309 that allows batch minting of ERC721 tokens during construction. ([#3311](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3311))
*`ReentrancyGuard`: Reduce code size impact of the modifier by using internal functions. ([#3515](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3515))
*`SafeCast`: optimize downcasting of signed integers. ([#3565](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3565))
*`ECDSA`: Remove redundant check on the `v` value. ([#3591](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3591))
*`VestingWallet`: make constructor payable. ([#3665](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3665))
*`Create2`: optimize address computation by using assembly instead of `abi.encodePacked`. ([#3600](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3600))
*`Clones`: optimized the assembly to use only the scratch space during deployments, and optimized `predictDeterministicAddress` to use fewer operations. ([#3640](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3640))
*`Checkpoints`: Use procedural generation to support multiple key/value lengths. ([#3589](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3589))
*`Checkpoints`: Add new lookup mechanisms. ([#3589](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3589))
*`Arrays`: Add `unsafeAccess` functions that allow reading and writing to an element in a storage array bypassing Solidity's "out-of-bounds" check. ([#3589](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3589))
*`Ownable2Step`: extension of `Ownable` that makes the ownership transfers a two step process. ([#3620](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3620))
*`Math` and `SignedMath`: optimize function `max` by using `>` instead of `>=`. ([#3679](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3679))
*`Math`: Add `log2`, `log10` and `log256`. ([#3670](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3670))
* Arbitrum: Update the vendored arbitrum contracts to match the nitro upgrade. ([#3692](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3692))
### Breaking changes
*`ERC721`: In order to add support for batch minting via `ERC721Consecutive` it was necessary to make a minor breaking change in the internal interface of `ERC721`. Namely, the hooks `_beforeTokenTransfer` and `_afterTokenTransfer` have one additional argument that may need to be added to overrides:
```diff
function _beforeTokenTransfer(
address from,
address to,
uint256 tokenId,
+ uint256 batchSize
) internal virtual override
```
*`ERC4626`: Conversion from shares to assets (and vice-versa) in an empty vault used to consider the possible mismatch between the underlying asset's and the vault's decimals. This initial conversion rate is now set to 1-to-1 irrespective of decimals, which are meant for usability purposes only. The vault now uses the assets decimals by default, so off-chain the numbers should appear the same. Developers overriding the vault decimals to a value that does not match the underlying asset may want to override the `_initialConvertToShares` and `_initialConvertToAssets` to replicate the previous behavior.
*`TimelockController`: During deployment, the TimelockController used to grant the `TIMELOCK_ADMIN_ROLE` to the deployer and to the timelock itself. The deployer was then expected to renounce this role once configuration of the timelock is over. Failing to renounce that role allows the deployer to change the timelock permissions (but not to bypass the delay for any time-locked actions). The role is no longer given to the deployer by default. A new parameter `admin` can be set to a non-zero address to grant the admin role during construction (to the deployer or any other address). Just like previously, this admin role should be renounced after configuration. If this param is given `address(0)`, the role is not allocated and doesn't need to be revoked. In any case, the timelock itself continues to have this role.
### Deprecations
*`EIP712`: Added the file `EIP712.sol` and deprecated `draft-EIP712.sol` since the EIP is no longer a Draft. Developers are encouraged to update their imports. ([#3621](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3621))
*`ERC721Votes`: Added the file `ERC721Votes.sol` and deprecated `draft-ERC721Votes.sol` since it no longer depends on a Draft EIP (EIP-712). Developers are encouraged to update their imports. ([#3699](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3699))
ERC-721 integrators that interpret contract state from events should make sure that they implement the clearing of approval that is implicit in every transfer according to the EIP. Previous versions of OpenZeppelin Contracts emitted an explicit `Approval` event even though it was not required by the specification, and this is no longer the case.
With the new `ERC721Consecutive` extension, the internal workings of `ERC721` are slightly changed. Custom extensions to ERC721 should be reviewed to ensure they remain correct. The internal functions that should be considered are `_ownerOf` (new), `_beforeTokenTransfer`, and `_afterTokenTransfer`.
### ERC-4626 Upgrade Note
Existing `ERC4626` contracts that are upgraded to 4.8 must initialize a new variable that holds the vault token decimals. The recommended way to do this is to use a [reinitializer]:
*`ECDSA`: `recover(bytes32,bytes)` and `tryRecover(bytes32,bytes)` no longer accept compact signatures to prevent malleability. Compact signature support remains available using `recover(bytes32,bytes32,bytes32)` and `tryRecover(bytes32,bytes32,bytes32)`.
## 4.7.2
*`LibArbitrumL2`, `CrossChainEnabledArbitrumL2`: Fixed detection of cross-chain calls for EOAs. Previously, calls from EOAs would be classified as cross-chain calls. ([#3578](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3578))
*`GovernorVotesQuorumFraction`: Fixed quorum updates so they do not affect past proposals that failed due to lack of quorum. ([#3561](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3561))
*`ERC165Checker`: Added protection against large returndata. ([#3587](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3587))
## 4.7.1
*`SignatureChecker`: Fix an issue that causes `isValidSignatureNow` to revert when the target contract returns ill-encoded data. ([#3552](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3552))
*`ERC165Checker`: Fix an issue that causes `supportsInterface` to revert when the target contract returns ill-encoded data. ([#3552](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3552))
## 4.7.0 (2022-06-29)
*`TimelockController`: Migrate `_call` to `_execute` and allow inheritance and overriding similar to `Governor`. ([#3317](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3317))
*`CrossChainEnabledPolygonChild`: replace the `require` statement with the custom error `NotCrossChainCall`. ([#3380](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3380))
*`ERC4626`: add an extension of `ERC20` that implements the ERC4626 Tokenized Vault Standard. ([#3171](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3171))
*`SafeERC20`: add `safePermit` as mitigation against phantom permit functions. ([#3280](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3280))
*`Math`: add a `mulDiv` function that can round the result either up or down. ([#3171](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3171))
*`Math`: Add a `sqrt` function to compute square roots of integers, rounding either up or down. ([#3242](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3242))
*`Strings`: add a new overloaded function `toHexString` that converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation. ([#3403](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3403))
*`EnumerableMap`: add new `UintToUintMap` map type. ([#3338](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3338))
*`EnumerableMap`: add new `Bytes32ToUintMap` map type. ([#3416](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3416))
*`SafeCast`: add support for many more types, using procedural code generation. ([#3245](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3245))
*`MerkleProof`: add `multiProofVerify` to prove multiple values are part of a Merkle tree. ([#3276](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3276))
*`MerkleProof`: add calldata versions of the functions to avoid copying input arrays to memory and save gas. ([#3200](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3200))
*`Initializable`: refactored implementation of modifiers for easier understanding. ([#3450](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3450))
*`Proxies`: remove runtime check of ERC1967 storage slots. ([#3455](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3455))
### Breaking changes
*`Initializable`: functions decorated with the modifier `reinitializer(1)` may no longer invoke each other.
## 4.6.0 (2022-04-26)
*`crosschain`: Add a new set of contracts for cross-chain applications. `CrossChainEnabled` is a base contract with instantiations for several chains and bridges, and `AccessControlCrossChain` is an extension of access control that allows cross-chain operation. ([#3183](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3183))
*`AccessControl`: add a virtual `_checkRole(bytes32)` function that can be overridden to alter the `onlyRole` modifier behavior. ([#3137](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3137))
*`EnumerableMap`: add new `AddressToUintMap` map type. ([#3150](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3150))
*`EnumerableMap`: add new `Bytes32ToBytes32Map` map type. ([#3192](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3192))
*`ERC20FlashMint`: support infinite allowance when paying back a flash loan. ([#3226](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3226))
*`ERC20Wrapper`: the `decimals()` function now tries to fetch the value from the underlying token instance. If that calls revert, then the default value is used. ([#3259](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3259))
*`draft-ERC20Permit`: replace `immutable` with `constant` for `_PERMIT_TYPEHASH` since the `keccak256` of string literals is treated specially and the hash is evaluated at compile time. ([#3196](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3196))
*`ERC1155`: Add a `_afterTokenTransfer` hook for improved extensibility. ([#3166](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3166))
*`ERC1155URIStorage`: add a new extension that implements a `_setURI` behavior similar to ERC721's `_setTokenURI`. ([#3210](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3210))
*`DoubleEndedQueue`: a new data structure that supports efficient push and pop to both front and back, useful for FIFO and LIFO queues. ([#3153](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3153))
*`Governor`: improved security of `onlyGovernance` modifier when using an external executor contract (e.g. a timelock) that can operate without necessarily going through the governance protocol. ([#3147](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3147))
*`Governor`: Add a way to parameterize votes. This can be used to implement voting systems such as fractionalized voting, ERC721 based voting, or any number of other systems. The `params` argument added to `_countVote` method, and included in the newly added `_getVotes` method, can be used by counting and voting modules respectively for such purposes. ([#3043](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3043))
*`Governor`: rewording of revert reason for consistency. ([#3275](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3275))
*`Governor`: fix an inconsistency in data locations that could lead to invalid bytecode being produced. ([#3295](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3295))
*`Governor`: Implement `IERC721Receiver` and `IERC1155Receiver` to improve token custody by governors. ([#3230](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3230))
*`TimelockController`: Implement `IERC721Receiver` and `IERC1155Receiver` to improve token custody by timelocks. ([#3230](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3230))
*`TimelockController`: Add a separate canceller role for the ability to cancel. ([#3165](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3165))
*`Initializable`: add a reinitializer modifier that enables the initialization of new modules, added to already initialized contracts through upgradeability. ([#3232](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3232))
*`Initializable`: add an Initialized event that tracks initialized version numbers. ([#3294](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3294))
*`ERC2981`: make `royaltyInfo` public to allow super call in overrides. ([#3305](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3305))
### Upgradeability notice
*`TimelockController`: **(Action needed)** The upgrade from <4.6to>=4.6 introduces a new `CANCELLER_ROLE` that requires set up to be assignable. After the upgrade, only addresses with this role will have the ability to cancel. Proposers will no longer be able to cancel. Assigning cancellers can be done by an admin (including the timelock itself) once the role admin is set up. To do this, we recommend upgrading to the `TimelockControllerWith46MigrationUpgradeable` contract and then calling the `migrateTo46` function.
### Breaking changes
*`Governor`: Adds internal virtual `_getVotes` method that must be implemented; this is a breaking change for existing concrete extensions to `Governor`. To fix this on an existing voting module extension, rename `getVotes` to `_getVotes` and add a `bytes memory` argument. ([#3043](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3043))
*`Governor`: Adds `params` parameter to internal virtual `_countVote` method; this is a breaking change for existing concrete extensions to `Governor`. To fix this on an existing counting module extension, add a `bytes memory` argument to `_countVote`. ([#3043](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3043))
*`Governor`: Does not emit `VoteCast` event when params data is non-empty; instead emits `VoteCastWithParams` event. To fix this on an integration that consumes the `VoteCast` event, also fetch/monitor `VoteCastWithParams` events. ([#3043](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3043))
*`Votes`: The internal virtual function `_getVotingUnits` was made `view` (which was accidentally missing). Any overrides should now be updated so they are `view` as well.
## 4.5.0 (2022-02-09)
*`ERC2981`: add implementation of the royalty standard, and the respective extensions for `ERC721` and `ERC1155`. ([#3012](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3012))
*`GovernorTimelockControl`: improve the `state()` function to have it reflect cases where a proposal has been canceled directly on the timelock. ([#2977](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2977))
* Preset contracts are now deprecated in favor of [Contracts Wizard](https://wizard.openzeppelin.com). ([#2986](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2986))
*`Governor`: add a relay function to help recover assets sent to a governor that is not its own executor (e.g. when using a timelock). ([#2926](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2926))
*`GovernorPreventLateQuorum`: add new module to ensure a minimum voting duration is available after the quorum is reached. ([#2973](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2973))
*`ERC721`: improved revert reason when transferring from wrong owner. ([#2975](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2975))
*`Votes`: Added a base contract for vote tracking with delegation. ([#2944](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2944))
*`ERC721Votes`: Added an extension of ERC721 enabled with vote tracking and delegation. ([#2944](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2944))
*`ERC2771Context`: use immutable storage to store the forwarder address, no longer an issue since Solidity >=0.8.8 allows reading immutable variables in the constructor. ([#2917](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2917))
*`Base64`: add a library to parse bytes into base64 strings using `encode(bytes memory)` function, and provide examples to show how to use to build URL-safe `tokenURIs`. ([#2884](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2884))
*`ERC20`: reduce allowance before triggering transfer. ([#3056](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3056))
*`ERC20`: do not update allowance on `transferFrom` when allowance is `type(uint256).max`. ([#3085](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3085))
*`ERC20`: add a `_spendAllowance` internal function. ([#3170](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3170))
*`ERC20Burnable`: do not update allowance on `burnFrom` when allowance is `type(uint256).max`. ([#3170](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3170))
*`ERC777`: do not update allowance on `transferFrom` when allowance is `type(uint256).max`. ([#3085](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3085))
*`ERC777`: add a `_spendAllowance` internal function. ([#3170](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3170))
*`SignedMath`: a new signed version of the Math library with `max`, `min`, and `average`. ([#2686](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2686))
*`SignedMath`: add an `abs(int256)` method that returns the unsigned absolute value of a signed value. ([#2984](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2984))
*`ERC1967Upgrade`: Refactor the secure upgrade to use `ERC1822` instead of the previous rollback mechanism. This reduces code complexity and attack surface with similar security guarantees. ([#3021](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3021))
*`UUPSUpgradeable`: Add `ERC1822` compliance to support the updated secure upgrade mechanism. ([#3021](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3021))
* Some more functions have been made virtual to customize them via overrides. In many cases this will not imply that other functions in the contract will automatically adapt to the overridden definitions. People who wish to override should consult the source code to understand the impact and if they need to override any additional functions to achieve the desired behavior.
### Breaking changes
*`ERC1967Upgrade`: The function `_upgradeToAndCallSecure` was renamed to `_upgradeToAndCallUUPS`, along with the change in security mechanism described above.
*`Address`: The Solidity pragma is increased from `^0.8.0` to `^0.8.1`. This is required by the `account.code.length` syntax that replaces inline assembly. This may require users to bump their compiler version from `0.8.0` to `0.8.1` or later. Note that other parts of the code already include stricter requirements.
## 4.4.2 (2022-01-11)
### Bugfixes
*`GovernorCompatibilityBravo`: Fix error in the encoding of calldata for proposals submitted through the compatibility interface with explicit signatures. ([#3100](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3100))
## 4.4.1 (2021-12-14)
*`Initializable`: change the existing `initializer` modifier and add a new `onlyInitializing` modifier to prevent reentrancy risk. ([#3006](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3006))
### Breaking change
It is no longer possible to call an `initializer`-protected function from within another `initializer` function outside the context of a constructor. Projects using OpenZeppelin upgradeable proxies should continue to work as is, since in the common case the initializer is invoked in the constructor directly. If this is not the case for you, the suggested change is to use the new `onlyInitializing` modifier in the following way:
```diff
contract A {
- function initialize() public initializer { ... }
+ function initialize() internal onlyInitializing { ... }
}
contract B is A {
function initialize() public initializer {
A.initialize();
}
}
```
## 4.4.0 (2021-11-25)
*`Ownable`: add an internal `_transferOwnership(address)`. ([#2568](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2568))
*`AccessControl`: add internal `_grantRole(bytes32,address)` and `_revokeRole(bytes32,address)`. ([#2568](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2568))
*`AccessControl`: mark `_setupRole(bytes32,address)` as deprecated in favor of `_grantRole(bytes32,address)`. ([#2568](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2568))
*`AccessControlEnumerable`: hook into `_grantRole(bytes32,address)` and `_revokeRole(bytes32,address)`. ([#2946](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2946))
*`EIP712`: cache `address(this)` to immutable storage to avoid potential issues if a vanilla contract is used in a delegatecall context. ([#2852](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2852))
* Add internal `_setApprovalForAll` to `ERC721` and `ERC1155`. ([#2834](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2834))
*`Governor`: shift vote start and end by one block to better match Compound's GovernorBravo and prevent voting at the Governor level if the voting snapshot is not ready. ([#2892](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2892))
*`GovernorCompatibilityBravo`: consider quorum an inclusive rather than exclusive minimum to match Compound's GovernorBravo. ([#2974](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2974))
*`GovernorSettings`: a new governor module that manages voting settings updatable through governance actions. ([#2904](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2904))
*`PaymentSplitter`: now supports ERC20 assets in addition to Ether. ([#2858](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2858))
*`ECDSA`: add a variant of `toEthSignedMessageHash` for arbitrary length message hashing. ([#2865](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2865))
*`MerkleProof`: add a `processProof` function that returns the rebuilt root hash given a leaf and a proof. ([#2841](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2841))
*`VestingWallet`: new contract that handles the vesting of Ether and ERC20 tokens following a customizable vesting schedule. ([#2748](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2748))
*`Governor`: enable receiving Ether when a Timelock contract is not used. ([#2748](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2849))
*`GovernorTimelockCompound`: fix ability to use Ether stored in the Timelock contract. ([#2748](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2849))
## 4.3.3
*`ERC1155Supply`: Handle `totalSupply` changes by hooking into `_beforeTokenTransfer` to ensure consistency of balances and supply during `IERC1155Receiver.onERC1155Received` calls.
## 4.3.2 (2021-09-14)
*`UUPSUpgradeable`: Add modifiers to prevent `upgradeTo` and `upgradeToAndCall` being executed on any contract that is not the active ERC1967 proxy. This prevents these functions being called on implementation contracts or minimal ERC1167 clones, in particular.
*`ERC2771Context`: use private variable from storage to store the forwarder address. Fixes issues where `_msgSender()` was not callable from constructors. ([#2754](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2754))
*`EnumerableSet`: add `values()` functions that returns an array containing all values in a single call. ([#2768](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2768))
*`Governor`: added a modular system of `Governor` contracts based on `GovernorAlpha` and `GovernorBravo`. ([#2672](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2672))
* Add an `interfaces` folder containing solidity interfaces to final ERCs. ([#2517](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2517))
*`ECDSA`: add `tryRecover` functions that will not throw if the signature is invalid, and will return an error flag instead. ([#2661](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2661))
*`SignatureChecker`: Reduce gas usage of the `isValidSignatureNow` function for the "signature by EOA" case. ([#2661](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2661))
## 4.2.0 (2021-06-30)
*`ERC20Votes`: add a new extension of the `ERC20` token with support for voting snapshots and delegation. ([#2632](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2632))
*`ERC20VotesComp`: Variant of `ERC20Votes` that is compatible with Compound's `Comp` token interface but restricts supply to `uint96`. ([#2706](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2706))
*`ERC20Wrapper`: add a new extension of the `ERC20` token which wraps an underlying token. Deposit and withdraw guarantee that the total supply is backed by a corresponding amount of underlying token. ([#2633](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2633))
* Enumerables: Improve gas cost of removal in `EnumerableSet` and `EnumerableMap`.
* Enumerables: Improve gas cost of lookup in `EnumerableSet` and `EnumerableMap`.
*`Counter`: add a reset method. ([#2678](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2678))
* Tokens: Wrap definitely safe subtractions in `unchecked` blocks.
*`Math`: Add a `ceilDiv` method for performing ceiling division.
*`ERC1155Supply`: add a new `ERC1155` extension that keeps track of the totalSupply of each tokenId. ([#2593](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2593))
*`BitMaps`: add a new `BitMaps` library that provides a storage efficient datastructure for `uint256` to `bool` mapping with contiguous keys. ([#2710](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2710))
### Breaking Changes
*`ERC20FlashMint` is no longer a Draft ERC. ([#2673](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2673)))
**How to update:** Change your import paths by removing the `draft-` prefix from `@openzeppelin/contracts/token/ERC20/extensions/draft-ERC20FlashMint.sol`.
> See [Releases and Stability: Drafts](https://docs.openzeppelin.com/contracts/4.x/releases-stability#drafts).
## 4.1.0 (2021-04-29)
*`IERC20Metadata`: add a new extended interface that includes the optional `name()`, `symbol()` and `decimals()` functions. ([#2561](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2561))
*`ERC777`: make reception acquirement optional in `_mint`. ([#2552](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2552))
*`ERC20Permit`: add a `_useNonce` to enable further usage of ERC712 signatures. ([#2565](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2565))
*`ERC20FlashMint`: add an implementation of the ERC3156 extension for flash-minting ERC20 tokens. ([#2543](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2543))
*`SignatureChecker`: add a signature verification library that supports both EOA and ERC1271 compliant contracts as signers. ([#2532](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2532))
*`Multicall`: add abstract contract with `multicall(bytes[] calldata data)` function to bundle multiple calls together ([#2608](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2608))
*`ECDSA`: add support for ERC2098 short-signatures. ([#2582](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2582))
*`AccessControl`: add an `onlyRole` modifier to restrict specific function to callers bearing a specific role. ([#2609](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2609))
*`StorageSlot`: add a library for reading and writing primitive types to specific storage slots. ([#2542](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2542))
* UUPS Proxies: add `UUPSUpgradeable` to implement the UUPS proxy pattern together with `EIP1967Proxy`. ([#2542](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2542))
### Breaking changes
This release includes two small breaking changes in `TimelockController`.
1. The `onlyRole` modifier in this contract was designed to let anyone through if the role was granted to `address(0)`,
allowing the possibility to to make a role "open", which can be used for `EXECUTOR_ROLE`. This modifier is now
replaced by `AccessControl.onlyRole`, which does not have this ability. The previous behavior was moved to the
modifier `TimelockController.onlyRoleOrOpenRole`.
2. It was possible to make `PROPOSER_ROLE` an open role (as described in the previous item) if it was granted to
`address(0)`. This would affect the `schedule`, `scheduleBatch`, and `cancel` operations in `TimelockController`.
This ability was removed as it does not make sense to open up the `PROPOSER_ROLE` in the same way that it does for
`EXECUTOR_ROLE`.
## 4.0.0 (2021-03-23)
* Now targeting the 0.8.x line of Solidity compilers. For 0.6.x (resp 0.7.x) support, use version 3.4.0 (resp 3.4.0-solc-0.7) of OpenZeppelin.
*`Context`: making `_msgData` return `bytes calldata` instead of `bytes memory` ([#2492](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2492))
*`ERC20`: removed the `_setDecimals` function and the storage slot associated to decimals. ([#2502](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2502))
*`Strings`: addition of a `toHexString` function. ([#2504](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2504))
*`EnumerableMap`: change implementation to optimize for `key → value` lookups instead of enumeration. ([#2518](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2518))
*`GSN`: deprecate GSNv1 support in favor of upcoming support for GSNv2. ([#2521](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2521))
*`ERC165`: remove uses of storage in the base ERC165 implementation. ERC165 based contracts now use storage-less virtual functions. Old behavior remains available in the `ERC165Storage` extension. ([#2505](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2505))
*`Initializable`: make initializer check stricter during construction. ([#2531](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2531))
*`ERC721`: remove enumerability of tokens from the base implementation. This feature is now provided separately through the `ERC721Enumerable` extension. ([#2511](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2511))
*`AccessControl`: removed enumerability by default for a more lightweight contract. It is now opt-in through `AccessControlEnumerable`. ([#2512](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2512))
* Meta Transactions: add `ERC2771Context` and a `MinimalForwarder` for meta-transactions. ([#2508](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2508))
* Overall reorganization of the contract folder to improve clarity and discoverability. ([#2503](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2503))
*`ERC20Capped`: optimize gas usage by enforcing the check directly in `_mint`. ([#2524](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2524))
* Rename `UpgradeableProxy` to `ERC1967Proxy`. ([#2547](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2547))
*`ERC777`: optimize the gas costs of the constructor. ([#2551](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2551))
*`ERC721URIStorage`: add a new extension that implements the `_setTokenURI` behavior as it was available in 3.4.0. ([#2555](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2555))
*`ERC1155`: make `uri` public so overloading function can call it using super. ([#2576](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2576))
### Bug fixes for beta releases
*`AccessControlEnumerable`: Fixed `renounceRole` not updating enumerable set of addresses for a role. ([#2572](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2572))
### How to upgrade from 3.x
Since this version has moved a few contracts to different directories, users upgrading from a previous version will need to adjust their import statements. To make this easier, the package includes a script that will migrate import statements automatically. After upgrading to the latest version of the package, run:
```
npx openzeppelin-contracts-migrate-imports
```
Make sure you're using git or another version control system to be able to recover from any potential error in our script.
### How to upgrade from 4.0-beta.x
Some further changes have been done between the different beta iterations. Transitions made during this period are configured in the `migrate-imports` script. Consequently, you can upgrade from any previous 4.0-beta.x version using the same script as described in the *How to upgrade from 3.x* section.
*`ERC721`: made `_approve` an internal function (was private).
## 3.4.0 (2021-02-02)
*`BeaconProxy`: added new kind of proxy that allows simultaneous atomic upgrades. ([#2411](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2411))
*`EIP712`: added helpers to verify EIP712 typed data signatures on chain. ([#2418](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2418))
*`ERC20Permit`: added an implementation of the ERC20 permit extension for gasless token approvals. ([#2237](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2237))
* Presets: added token presets with preminted fixed supply `ERC20PresetFixedSupply` and `ERC777PresetFixedSupply`. ([#2399](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2399))
*`Address`: added `functionDelegateCall`, similar to the existing `functionCall`. ([#2333](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2333))
*`Clones`: added a library for deploying EIP 1167 minimal proxies. ([#2449](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2449))
*`Context`: moved from `contracts/GSN` to `contracts/utils`. ([#2453](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2453))
*`PaymentSplitter`: replace usage of `.transfer()` with `Address.sendValue` for improved compatibility with smart wallets. ([#2455](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2455))
*`UpgradeableProxy`: bubble revert reasons from initialization calls. ([#2454](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2454))
*`SafeMath`: fix a memory allocation issue by adding new `SafeMath.tryOp(uint,uint)→(bool,uint)` functions. `SafeMath.op(uint,uint,string)→uint` are now deprecated. ([#2462](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2462))
*`EnumerableMap`: fix a memory allocation issue by adding new `EnumerableMap.tryGet(uint)→(bool,address)` functions. `EnumerableMap.get(uint)→string` is now deprecated. ([#2462](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2462))
*`RefundEscrow`: `beneficiaryWithdraw` will forward all available gas to the beneficiary. ([#2480](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2480))
* Many view and pure functions have been made virtual to customize them via overrides. In many cases this will not imply that other functions in the contract will automatically adapt to the overridden definitions. People who wish to override should consult the source code to understand the impact and if they need to override any additional functions to achieve the desired behavior.
### Security Fixes
*`ERC777`: fix potential reentrancy issues for custom extensions to `ERC777`. ([#2483](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2483))
If you're using our implementation of ERC777 from version 3.3.0 or earlier, and you define a custom `_beforeTokenTransfer` function that writes to a storage variable, you may be vulnerable to a reentrancy attack. If you're affected and would like assistance please write to security@openzeppelin.com. [Read more in the pull request.](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2483)
## 3.3.0 (2020-11-26)
* Now supports both Solidity 0.6 and 0.7. Compiling with solc 0.7 will result in warnings. Install the `solc-0.7` tag to compile without warnings.
*`Address`: added `functionStaticCall`, similar to the existing `functionCall`. ([#2333](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2333))
*`TimelockController`: added a contract to augment access control schemes with a delay. ([#2354](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2354))
*`EnumerableSet`: added `Bytes32Set`, for sets of `bytes32`. ([#2395](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2395))
## 3.2.2-solc-0.7 (2020-10-28)
* Resolve warnings introduced by Solidity 0.7.4. ([#2396](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2396))
## 3.2.1-solc-0.7 (2020-09-15)
*`ERC777`: Remove a warning about function state visibility in Solidity 0.7. ([#2327](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2327))
## 3.2.0 (2020-09-10)
### New features
* Proxies: added the proxy contracts from OpenZeppelin SDK. ([#2335](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2335))
#### Proxy changes with respect to OpenZeppelin SDK
Aside from upgrading them from Solidity 0.5 to 0.6, we've changed a few minor things from the proxy contracts as they were found in OpenZeppelin SDK.
-`UpgradeabilityProxy` was renamed to `UpgradeableProxy`.
-`AdminUpgradeabilityProxy` was renamed to `TransparentUpgradeableProxy`.
-`Proxy._willFallback` was renamed to `Proxy._beforeFallback`.
-`UpgradeabilityProxy._setImplementation` and `AdminUpgradeabilityProxy._setAdmin` were made private.
### Improvements
*`Address.isContract`: switched from `extcodehash` to `extcodesize` for less gas usage. ([#2311](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2311))
### Breaking changes
*`ERC20Snapshot`: switched to using `_beforeTokenTransfer` hook instead of overriding ERC20 operations. ([#2312](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2312))
This small change in the way we implemented `ERC20Snapshot` may affect users who are combining this contract with
other ERC20 flavors, since it no longer overrides `_transfer`, `_mint`, and `_burn`. This can result in having to remove Solidity `override(...)` specifiers in derived contracts for these functions, and to instead have to add it for `_beforeTokenTransfer`. See [Using Hooks](https://docs.openzeppelin.com/contracts/3.x/extending-contracts#using-hooks) in the documentation.
## 3.1.0 (2020-06-23)
### New features
*`SafeCast`: added functions to downcast signed integers (e.g. `toInt32`), improving usability of `SignedSafeMath`. ([#2243](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2243))
*`functionCall`: new helpers that replicate Solidity's function call semantics, reducing the need to rely on `call`. ([#2264](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2264))
*`ERC1155`: added support for a base implementation, non-standard extensions and a preset contract. ([#2014](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2014), [#2230](https://github.com/OpenZeppelin/openzeppelin-contracts/issues/2230))
### Improvements
*`ReentrancyGuard`: reduced overhead of using the `nonReentrant` modifier. ([#2171](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2171))
*`AccessControl`: added a `RoleAdminChanged` event to `_setAdminRole`. ([#2214](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2214))
* Made all `public` functions in the token preset contracts `virtual`. ([#2257](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2257))
* Added SPX license identifier to all contracts. ([#2235](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2235))
## 3.0.1 (2020-04-27)
### Bugfixes
*`ERC777`: fixed the `_approve` internal function not validating some of their arguments for non-zero addresses. ([#2213](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2213))
## 3.0.0 (2020-04-20)
### New features
*`AccessControl`: new contract for managing permissions in a system, replacement for `Ownable` and `Roles`. ([#2112](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2112))
*`SafeCast`: new functions to convert to and from signed and unsigned values: `toUint256` and `toInt256`. ([#2123](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2123))
*`EnumerableMap`: a new data structure for key-value pairs (like `mapping`) that can be iterated over. ([#2160](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2160))
### Breaking changes
*`ERC721`: `burn(owner, tokenId)` was removed, use `burn(tokenId)` instead. ([#2125](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2125))
*`ERC721`: `_checkOnERC721Received` was removed. ([#2125](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2125))
*`ERC721`: `_transferFrom` and `_safeTransferFrom` were renamed to `_transfer` and `_safeTransfer`. ([#2162](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2162))
*`PullPayment`, `Escrow`: `withdrawWithGas` was removed. The old `withdraw` function now forwards all gas. ([#2125](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2125))
*`Roles` was removed, use `AccessControl` as a replacement. ([#2112](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2112))
*`ECDSA`: when receiving an invalid signature, `recover` now reverts instead of returning the zero address. ([#2114](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2114))
*`Create2`: added an `amount` argument to `deploy` for contracts with `payable` constructors. ([#2117](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2117))
*`Pausable`: moved to the `utils` directory. ([#2122](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2122))
*`Strings`: moved to the `utils` directory. ([#2122](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2122))
*`Counters`: moved to the `utils` directory. ([#2122](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2122))
*`SignedSafeMath`: moved to the `math` directory. ([#2122](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2122))
*`ERC20Snapshot`: moved to the `token/ERC20` directory. `snapshot` was changed into an `internal` function. ([#2122](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2122))
*`Ownable`: moved to the `access` directory. ([#2120](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2120))
*`Secondary`: removed from the library, use `Ownable` instead. ([#2120](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2120))
*`Escrow`, `ConditionalEscrow`, `RefundEscrow`: these now use `Ownable` instead of `Secondary`, their external API changed accordingly. ([#2120](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2120))
*`Address`: removed `toPayable`, use `payable(address)` instead. ([#2133](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2133))
*`ERC777`: `_send`, `_mint` and `_burn` now use the caller as the operator. ([#2134](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2134))
*`ERC777`: removed `_callsTokensToSend` and `_callTokensReceived`. ([#2134](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2134))
*`EnumerableSet`: renamed `get` to `at`. ([#2151](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2151))
*`ERC165Checker`: functions no longer have a leading underscore. ([#2150](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2150))
*`ERC721Metadata`, `ERC721Enumerable`: these contracts were removed, and their functionality merged into `ERC721`. ([#2160](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2160))
*`ERC721`: added a constructor for `name` and `symbol`. ([#2160](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2160))
*`ERC20Detailed`: this contract was removed and its functionality merged into `ERC20`. ([#2161](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2161))
*`ERC20`: added a constructor for `name` and `symbol`. `decimals` now defaults to 18. ([#2161](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2161))
*`Strings`: renamed `fromUint256` to `toString` ([#2188](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2188))
## 2.5.1 (2020-04-24)
### Bugfixes
*`ERC777`: fixed the `_send` and `_approve` internal functions not validating some of their arguments for non-zero addresses. ([#2212](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2212))
## 2.5.0 (2020-02-04)
### New features
*`SafeCast.toUintXX`: new library for integer downcasting, which allows for safe operation on smaller types (e.g. `uint32`) when combined with `SafeMath`. ([#1926](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1926))
*`ERC721Metadata`: added `baseURI`, which can be used for dramatic gas savings when all token URIs share a prefix (e.g. `http://api.myapp.com/tokens/<id>`). ([#1970](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1970))
*`EnumerableSet`: new library for storing enumerable sets of values. Only `AddressSet` is supported in this release. ([#2061](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/2061))
*`Create2`: simple library to make usage of the `CREATE2` opcode easier. ([#1744](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1744))
### Improvements
*`ERC777`: `_burn` is now internal, providing more flexibility and making it easier to create tokens that deflate. ([#1908](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1908))
*`ReentrancyGuard`: greatly improved gas efficiency by using the net gas metering mechanism introduced in the Istanbul hardfork. ([#1992](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1992), [#1996](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1996))
*`ERC777`: improve extensibility by making `_send` and related functions `internal`. ([#2027](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2027))
*`ERC721`: improved revert reason when transferring tokens to a non-recipient contract. ([#2018](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2018))
### Breaking changes
*`ERC165Checker` now requires a minimum Solidity compiler version of 0.5.10. ([#1829](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1829))
## 2.4.0 (2019-10-29)
### New features
*`Address.toPayable`: added a helper to convert between address types without having to resort to low-level casting. ([#1773](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1773))
* Facilities to make metatransaction-enabled contracts through the Gas Station Network. ([#1844](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1844))
*`Address.sendValue`: added a replacement to Solidity's `transfer`, removing the fixed gas stipend. ([#1962](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1962))
* Added replacement for functions that don't forward all gas (which have been deprecated): ([#1976](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1976))
*`SafeMath`: added support for custom error messages to `sub`, `div` and `mod` functions. ([#1828](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1828))
### Improvements
*`Address.isContract`: switched from `extcodesize` to `extcodehash` for less gas usage. ([#1802](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1802))
*`ERC20` and `ERC777` updated to throw custom errors on subtraction overflows. ([#1828](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1828))
### Deprecations
* Deprecated functions that don't forward all gas: ([#1976](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1976))
*`Address` now requires a minimum Solidity compiler version of 0.5.5. ([#1802](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1802))
*`SignatureBouncer` has been removed from drafts, both to avoid confusions with the GSN and `GSNRecipientSignature` (previously called `GSNBouncerSignature`) and because the API was not very clear. ([#1879](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/1879))
### How to upgrade from 2.4.0-beta
The final 2.4.0 release includes a refactor of the GSN contracts that will be a breaking change for 2.4.0-beta users.
* The default empty implementations of `_preRelayedCall` and `_postRelayedCall` were removed and must now be explicitly implemented always in custom recipients. If your custom recipient didn't include an implementation, you can provide an empty one.
*`GSNRecipient`, `GSNBouncerBase`, and `GSNContext` were all merged into `GSNRecipient`.
*`GSNBouncerSignature` and `GSNBouncerERC20Fee` were renamed to `GSNRecipientSignature` and `GSNRecipientERC20Fee`.
* It is no longer necessary to inherit from `GSNRecipient` when using `GSNRecipientSignature` and `GSNRecipientERC20Fee`.
For example, a contract using `GSNBouncerSignature` would have to be changed in the following way.
```diff
-contract MyDapp is GSNRecipient, GSNBouncerSignature {
+contract MyDapp is GSNRecipientSignature {
```
Refer to the table below to adjust your inheritance list.
*`ERC1820`: added support for interacting with the [ERC1820](https://eips.ethereum.org/EIPS/eip-1820) registry contract (`IERC1820Registry`), as well as base contracts that can be registered as implementers there. ([#1677](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1677))
*`ERC777`: support for the [ERC777 token](https://eips.ethereum.org/EIPS/eip-777), which has multiple improvements over `ERC20` (but is backwards compatible with it) such as built-in burning, a more straightforward permission system, and optional sender and receiver hooks on transfer (mandatory for contracts!). ([#1684](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1684))
* All contracts now have revert reason strings, which give insight into error conditions, and help debug failing transactions. ([#1704](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1704))
### Improvements
* Reverted the Solidity version bump done in v2.2.0, setting the minimum compiler version to v0.5.0, to prevent unexpected build breakage. Users are encouraged however to stay on top of new compiler releases, which usually include bugfixes. ([#1729](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1729))
### Bugfixes
*`PostDeliveryCrowdsale`: some validations where skipped when paired with other crowdsale flavors, such as `AllowanceCrowdsale`, or `MintableCrowdsale` and `ERC20Capped`, which could cause buyers to not be able to claim their purchased tokens. ([#1721](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1721))
*`ERC20._transfer`: the `from` argument was allowed to be the zero address, so it was possible to internally trigger a transfer of 0 tokens from the zero address. This address is not a valid destinatary of transfers, nor can it give or receive allowance, so this behavior was inconsistent. It now reverts. ([#1752](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1752))
## 2.2.0 (2019-03-14)
### New features
*`ERC20Snapshot`: create snapshots on demand of the token balances and total supply, to later retrieve and e.g. calculate dividends at a past time. ([#1617](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1617))
*`SafeERC20`: `ERC20` contracts with no return value (i.e. that revert on failure) are now supported. ([#1655](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1655))
*`ERC20`: added internal `_approve(address owner, address spender, uint256 value)`, allowing derived contracts to set the allowance of arbitrary accounts. ([#1609](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1609))
*`TimedCrowdsale`: added internal `_extendTime(uint256 newClosingTime)` as well as `TimedCrowdsaleExtended(uint256 prevClosingTime, uint256 newClosingTime)` event allowing to extend the crowdsale, as long as it hasn't already closed.
### Improvements
* Upgraded the minimum compiler version to v0.5.2: this removes many Solidity warnings that were false positives. ([#1606](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1606))
*`ECDSA`: `recover` no longer accepts malleable signatures (those using upper-range values for `s`, or 0/1 for `v`). ([#1622](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1622))
* ``ERC721``'s transfers are now more gas efficient due to removal of unnecessary `SafeMath` calls. ([#1610](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1610))
* (minor) `SafeERC20`: `safeApprove` wasn't properly checking for a zero allowance when attempting to set a non-zero allowance. ([#1647](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1647))
### Breaking changes in drafts
*`TokenMetadata` has been renamed to `ERC20Metadata`. ([#1618](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1618))
* The library `Counter` has been renamed to `Counters` and its API has been improved. See an example in `ERC721`, lines [17](https://github.com/OpenZeppelin/openzeppelin-solidity/blob/3cb4a00fce1da76196ac0ac3a0ae9702b99642b5/contracts/token/ERC721/ERC721.sol#L17) and [204](https://github.com/OpenZeppelin/openzeppelin-solidity/blob/3cb4a00fce1da76196ac0ac3a0ae9702b99642b5/contracts/token/ERC721/ERC721.sol#L204). ([#1610](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1610))
* Removed most of the test suite from the npm package, except `PublicRole.behavior.js`, which may be useful to users testing their own `Roles`.
## 2.1.1 (2019-01-04)
* Version bump to avoid conflict in the npm registry.
## 2.1.0 (2019-01-04)
### New features
* Now targeting the 0.5.x line of Solidity compilers. For 0.4.24 support, use version 2.0 of OpenZeppelin.
*`WhitelistCrowdsale`: a crowdsale where only whitelisted accounts (`WhitelistedRole`) can purchase tokens. Adding or removing accounts from the whitelist is done by whitelist admins (`WhitelistAdminRole`). Similar to the pre-2.0 `WhitelistedCrowdsale`. ([#1525](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1525), [#1589](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1589))
*`RefundablePostDeliveryCrowdsale`: replacement for `RefundableCrowdsale` (deprecated, see below) where tokens are only granted once the crowdsale ends (if it meets its goal). ([#1543](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1543))
*`PausableCrowdsale`: allows for pausers (`PauserRole`) to pause token purchases. Other crowdsale operations (e.g. withdrawals and refunds, if applicable) are not affected. ([#832](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/832))
*`ERC20`: `transferFrom` and `_burnFrom ` now emit `Approval` events, to represent the token's state comprehensively through events. ([#1524](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1524))
*`ERC721`: added `_burn(uint256 tokenId)`, replacing the similar deprecated function (see below). ([#1550](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1550))
*`ERC721`: added `_tokensOfOwner(address owner)`, allowing to internally retrieve the array of an account's owned tokens. ([#1522](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1522))
* Crowdsales: all constructors are now `public`, meaning it is not necessary to extend these contracts in order to deploy them. The exception is `FinalizableCrowdsale`, since it is meaningless unless extended. ([#1564](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1564))
*`SignedSafeMath`: added overflow-safe operations for signed integers (`int256`). ([#1559](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1559), [#1588](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1588))
### Improvements
* The compiler version required by `Array` was behind the rest of the library so it was updated to `v0.4.24`. ([#1553](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1553))
* Now conforming to a 4-space indentation code style. ([1508](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1508))
*`ERC20`: more gas efficient due to removed redundant `require`s. ([#1409](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1409))
*`ERC721`: fixed a bug that prevented internal data structures from being properly cleaned, missing potential gas refunds. ([#1539](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1539) and [#1549](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1549))
*`ERC721`: general gas savings on `transferFrom`, `_mint` and `_burn`, due to redundant `require`s and `SSTORE`s. ([#1549](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1549))
### Bugfixes
### Breaking changes
### Deprecations
*`ERC721._burn(address owner, uint256 tokenId)`: due to the `owner` parameter being unnecessary. ([#1550](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1550))
*`RefundableCrowdsale`: due to trading abuse potential on crowdsales that miss their goal. ([#1543](https://github.com/OpenZeppelin/openzeppelin-solidity/pull/1543))
We really appreciate and value contributions to OpenZeppelin. Please take 5' to review the items listed below to make sure that your contributions are merged as soon as possible.
We really appreciate and value contributions to OpenZeppelin Contracts. Please take 5' to review the items listed below to make sure that your contributions are merged as soon as possible.
## Contribution guidelines
Smart contracts manage value and are highly vulnerable to errors and attacks. We have very strict guidelines, please make sure to review them: ["Contribution guidelines wiki entry"](https://github.com/OpenZeppelin/openzeppelin-solidity/wiki/Contribution-guidelines).
Smart contracts manage value and are highly vulnerable to errors and attacks. We have very strict [guidelines], please make sure to review them!
## Creating Pull Requests (PRs)
As a contributor, you are expected to fork this repository, work on your own fork and then submit pull requests. The pull requests will be reviewed and eventually merged into the main repo. See ["Fork-a-Repo"](https://help.github.com/articles/fork-a-repo/) for how this works.
*IMPORTANT*
* Please see ["Git flow wiki entry"](https://github.com/OpenZeppelin/openzeppelin-solidity/wiki/Git-flow) for understanding how to use branches in this repository.
## A typical workflow
1) Make sure your fork is up to date with the main repository:
NOTE: The directory `openzeppelin-solidity` represents your fork's local copy.
NOTE: The directory `openzeppelin-contracts` represents your fork's local copy.
2) Branch out from `master` into `fix/some-bug-#123`:
(Postfixing #123 will associate your PR with the issue #123 and make everyone's life easier =D)
@ -32,7 +29,7 @@ NOTE: The directory `openzeppelin-solidity` represents your fork's local copy.
git checkout -b fix/some-bug-#123
```
3) Make your changes, add your files, commit and push to your fork.
3) Make your changes, add your files, commit, and push to your fork.
```
git add SomeFile.js
@ -40,19 +37,28 @@ git commit "Fix some bug #123"
git push origin fix/some-bug-#123
```
4) Go to [github.com/OpenZeppelin/openzeppelin-solidity](https://github.com/OpenZeppelin/zeppelin-solidity) in your web browser and issue a new pull request.
4) Run tests, linter, etc. This can be done by running local continuous integration and make sure it passes.
*IMPORTANT* Read the PR template very carefully and make sure to follow all the instructions. These instructions
refer to some very important conditions that your PR must meet in order to be accepted, such as making sure that all tests pass, JS linting tests pass, solidity linting tests pass, etc.
```bash
npm test
npm run lint
```
5) Maintainers will review your code and possibly ask for changes before your code is pulled in to the main repository. We'll check that all tests pass, review the coding style, and check for general code correctness. If everything is OK, we'll merge your pull request and your code will be part of OpenZeppelin.
5) Go to [github.com/OpenZeppelin/openzeppelin-contracts](https://github.com/OpenZeppelin/openzeppelin-contracts) in your web browser and issue a new pull request.
*IMPORTANT*Please pay attention to the maintainer's feedback, since its a necessary step to keep up with the standards OpenZeppelin attains to.
*IMPORTANT*Read the PR template very carefully and make sure to follow all the instructions. These instructions
refer to some very important conditions that your PR must meet in order to be accepted, such as making sure that all tests pass, JS linting tests pass, Solidity linting tests pass, etc.
6) Maintainers will review your code and possibly ask for changes before your code is pulled in to the main repository. We'll check that all tests pass, review the coding style, and check for general code correctness. If everything is OK, we'll merge your pull request and your code will be part of OpenZeppelin Contracts.
*IMPORTANT* Please pay attention to the maintainer's feedback, since it's a necessary step to keep up with the standards OpenZeppelin Contracts attains to.
## All set!
If you have any questions feel free to post them to github.com/OpenZeppelin/openzeppelin-solidity/issues.
If you have any questions, feel free to post them to github.com/OpenZeppelin/openzeppelin-contracts/issues.
Finally, if you're looking to collaborate and want to find easy tasks to start, look at the issues we marked as ["Good first issue"](https://github.com/OpenZeppelin/openzeppelin-solidity/labels/good%20first%20issue).
Finally, if you're looking to collaborate and want to find easy tasks to start, look at the issues we marked as ["Good first issue"](https://github.com/OpenZeppelin/openzeppelin-contracts/labels/good%20first%20issue).
These are some global design goals in OpenZeppelin Contracts.
#### D0 - Security in Depth
We strive to provide secure, tested, audited code. To achieve this, we need to match intention with function. Thus, documentation, code clarity, community review and security discussions are fundamental.
#### D1 - Simple and Modular
Simpler code means easier audits, and better understanding of what each component does. We look for small files, small contracts, and small functions. If you can separate a contract into two independent functionalities you should probably do it.
#### D2 - Naming Matters
We take our time with picking names. Code is going to be written once, and read hundreds of times. Renaming for clarity is encouraged.
#### D3 - Tests
Write tests for all your code. We encourage Test Driven Development so we know when our code is right. Even though not all code in the repository is tested at the moment, we aim to test every line of code in the future.
#### D4 - Check preconditions and post-conditions
A very important way to prevent vulnerabilities is to catch a contract’s inconsistent state as early as possible. This is why we want functions to check pre- and post-conditions for executing its logic. When writing code, ask yourself what you are expecting to be true before and after the function runs, and express it in code.
#### D5 - Code Consistency
Consistency on the way classes are used is paramount to an easier understanding of the library. The codebase should be as unified as possible. Read existing code and get inspired before you write your own. Follow the style guidelines. Don’t hesitate to ask for help on how to best write a specific piece of code.
#### D6 - Regular Audits
Following good programming practices is a way to reduce the risk of vulnerabilities, but professional code audits are still needed. We will perform regular code audits on major releases, and hire security professionals to provide independent review.
# Style Guidelines
The design guidelines have quite a high abstraction level. These style guidelines are more concrete and easier to apply, and also more opinionated. We value clean code and consistency, and those are prerequisites for us to include new code in the repository. Before proposing a change, please read these guidelines and take some time to familiarize yourself with the style of the existing codebase.
## Solidity code
In order to be consistent with all the other Solidity projects, we follow the
[official recommendations documented in the Solidity style guide](http://solidity.readthedocs.io/en/latest/style-guide.html).
Any exception or additions specific to our project are documented below.
* Try to avoid acronyms and abbreviations.
* All state variables should be private.
* Private state variables should have an underscore prefix.
```
contract TestContract {
uint256 private _privateVar;
uint256 internal _internalVar;
}
```
* Parameters must not be prefixed with an underscore.
```
function test(uint256 testParameter1, uint256 testParameter2) {
...
}
```
* Internal and private functions should have an underscore prefix.
```
function _testInternal() internal {
...
}
```
```
function _testPrivate() private {
...
}
```
* Events should be emitted immediately after the state change that they
represent, and consequently they should be named in past tense.
```
function _burn(address who, uint256 value) internal {
super._burn(who, value);
emit TokensBurned(who, value);
}
```
Some standards (e.g. ERC20) use present tense, and in those cases the
standard specification prevails.
* Interface names should have a capital I prefix.
```
interface IERC777 {
```
## Tests
* Tests Must be Written Elegantly
Tests are a good way to show how to use the library, and maintaining them is extremely necessary. Don't write long tests, write helper functions to make them be as short and concise as possible (they should take just a few lines each), and use good variable names.
* Tests Must not be Random
Inputs for tests should not be generated randomly. Accounts used to create test contracts are an exception, those can be random. Also, the type and structure of outputs should be checked.
With OpenZeppelin, you can build distributed applications, protocols and organizations:
- using common contract security patterns (See [Onward with Ethereum Smart Contract Security](https://medium.com/bitcorps-blog/onward-with-ethereum-smart-contract-security-97a827e47702#.y3kvdetbz))
- in the [Solidity language](https://solidity.readthedocs.io/en/develop/).
**A library for secure smart contract development.** Build on a solid foundation of community-vetted code.
> NOTE: New to smart contract development? Check our [introductory guide](https://medium.com/zeppelin-blog/the-hitchhikers-guide-to-smart-contracts-in-ethereum-848f08001f05#.cox40d2ut).
* Implementations of standards like [ERC20](https://docs.openzeppelin.com/contracts/erc20) and [ERC721](https://docs.openzeppelin.com/contracts/erc721).
* Reusable [Solidity components](https://docs.openzeppelin.com/contracts/utilities) to build custom contracts and complex decentralized systems.
## Getting Started
:mage: **Not sure how to get started?** Check out [Contracts Wizard](https://wizard.openzeppelin.com/) — an interactive smart contract generator.
OpenZeppelin integrates with [Truffle](https://github.com/ConsenSys/truffle) and [Embark](https://github.com/embark-framework/embark/).
:building_construction: **Want to scale your decentralized application?** Check out [OpenZeppelin Defender](https://openzeppelin.com/defender) — a secure platform for automating and monitoring your operations.
## Truffle
## Overview
To use with Truffle, first install it and initialize your project with `truffle init`.
### Installation
```sh
npm install -g truffle
mkdir myproject &&cd myproject
truffle init
```console
$npm install @openzeppelin/contracts
```
## Embark
OpenZeppelin Contracts features a [stable API](https://docs.openzeppelin.com/contracts/releases-stability#api-stability), which means that your contracts won't break unexpectedly when upgrading to a newer minor version.
To use with Embark, first install it and initialize your project with `embark new MyApp`.
An alternative to npm is to use the GitHub repository (`openzeppelin/openzeppelin-contracts`) to retrieve the contracts. When doing this, make sure to specify the tag for a release such as `v4.5.0`, instead of using the `master` branch.
```sh
npm install -g embark
embark new MyApp
cd MyApp
```
### Usage
## Installing OpenZeppelin
After installing either Framework, to install the OpenZeppelin library, run the following in your Solidity project root directory:
```sh
npm init -y
npm install -E openzeppelin-solidity
```
**Note that OpenZeppelin does not currently follow semantic versioning.** You may encounter breaking changes upon a minor version bump. We recommend pinning the version of OpenZeppelin you use, as done by the `-E` (`--save-exact`) option.
After that, you'll get all the library's contracts in the `node_modules/openzeppelin-solidity/contracts` folder. You can use the contracts in the library like so:
Once installed, you can use the contracts in the library by importing them:
If you are using Embark, you can also import directly from github:
_If you're new to smart contract development, head to [Developing Smart Contracts](https://docs.openzeppelin.com/learn/developing-smart-contracts) to learn about creating a new project and compiling your contracts._
To keep your system secure, you should **always** use the installed code as-is, and neither copy-paste it from online sources nor modify it yourself. The library is designed so that only the contracts and functions you use are deployed, so you don't need to worry about it needlessly increasing gas costs.
contractMyContractisOwnable{
...
}
```
## Learn More
The guides in the [documentation site](https://docs.openzeppelin.com/contracts) will teach about different concepts, and how to use the related contracts that OpenZeppelin Contracts provides:
* [Access Control](https://docs.openzeppelin.com/contracts/access-control): decide who can perform each of the actions on your system.
* [Tokens](https://docs.openzeppelin.com/contracts/tokens): create tradeable assets or collectives, and distribute them via [Crowdsales](https://docs.openzeppelin.com/contracts/crowdsales).
* [Gas Station Network](https://docs.openzeppelin.com/contracts/gsn): let your users interact with your contracts without having to pay for gas themselves.
* [Utilities](https://docs.openzeppelin.com/contracts/utilities): generic useful tools including non-overflowing math, signature verification, and trustless paying systems.
The [full API](https://docs.openzeppelin.com/contracts/api/token/ERC20) is also thoroughly documented, and serves as a great reference when developing your smart contract application. You can also ask for help or follow Contracts's development in the [community forum](https://forum.openzeppelin.com).
Finally, you may want to take a look at the [guides on our blog](https://blog.openzeppelin.com/guides), which cover several common use cases and good practices. The following articles provide great background reading, though please note that some of the referenced tools have changed, as the tooling in the ecosystem continues to rapidly evolve.
* [The Hitchhiker’s Guide to Smart Contracts in Ethereum](https://blog.openzeppelin.com/the-hitchhikers-guide-to-smart-contracts-in-ethereum-848f08001f05) will help you get an overview of the various tools available for smart contract development, and help you set up your environment.
* [A Gentle Introduction to Ethereum Programming, Part 1](https://blog.openzeppelin.com/a-gentle-introduction-to-ethereum-programming-part-1-783cc7796094) provides very useful information on an introductory level, including many basic concepts from the Ethereum platform.
* For a more in-depth dive, you may read the guide [Designing the Architecture for Your Ethereum Application](https://blog.openzeppelin.com/designing-the-architecture-for-your-ethereum-application-9cec086f8317), which discusses how to better structure your application and its relationship to the real world.
## Security
OpenZeppelin is meant to provide secure, tested and community-audited code, but please use common sense when doing anything that deals with real money! We take no responsibility for your implementation decisions and any security problem you might experience.
If you find a security issue, please email [security@openzeppelin.org](mailto:security@openzeppelin.org).
This project is maintained by [OpenZeppelin](https://openzeppelin.com), and developed following our high standards for code quality and security. OpenZeppelin Contracts is meant to provide tested and community-audited code, but please use common sense when doing anything that deals with real money! We take no responsibility for your implementation decisions and any security problems you might experience.
## Developer Resources
The core development principles and strategies that OpenZeppelin Contracts is based on include: security in depth, simple and modular code, clarity-driven naming conventions, comprehensive unit testing, pre-and-post-condition sanity checks, code consistency, and regular audits.
Building a distributed application, protocol or organization with OpenZeppelin?
The latest audit was done on October 2018 on version 2.0.0.
We have a [**bug bounty program** on Immunefi](https://www.immunefi.com/bounty/openzeppelin). Please report any security issues you find through the Immunefi dashboard, or reach out to security@openzeppelin.com.
- Ask for help and follow progress at: https://slack.openzeppelin.org/
Critical bug fixes will be backported to past major releases.
Interested in contributing to OpenZeppelin?
## Contribute
- Framework proposal and roadmap: https://medium.com/zeppelin-blog/zeppelin-framework-proposal-and-development-roadmap-fdfa9a3a32ab#.iain47pak
OpenZeppelin Contracts exists thanks to its contributors. There are many ways you can participate and help build high quality software. Check out the [contribution guide](CONTRIBUTING.md)!
## License
Code released under the [MIT License](https://github.com/OpenZeppelin/openzeppelin-solidity/blob/master/LICENSE).
OpenZeppelin Contracts is released under the [MIT License](LICENSE).
After the final release, the release branch should be merged back into `master`. This merge must not be squashed because it would lose the tagged release commit. Since the GitHub repo is set up to only allow squashed merges, the merge should be done locally and pushed.
Make sure to have the latest changes from `upstream` in your local release branch.
We have a [**bug bounty program** on Immunefi](https://www.immunefi.com/bounty/openzeppelin). Please report any security issues you find through the Immunefi dashboard, or reach out to security@openzeppelin.com.
Critical bug fixes will be backported to past major releases.
## Supported Versions
The recommendation is to use the latest version available.
NOTE ON 2021-07-19: This report makes reference to Zeppelin, OpenZeppelin, OpenZeppelin [C]ontracts, the OpenZeppelin team, and OpenZeppelin library. Many of these things have since been renamed and know that this audit applies to what is currently called the OpenZeppelin Contracts which are maintained by the OpenZeppelin Conracts Community.
March, 2017
Authored by Dennis Peterson and Peter Vessenes
@ -131,7 +133,7 @@ I presume that the goal of this contract is to allow and annotate a migration to
We like these pauses! Note that these allow significant griefing potential by owners, and that this might not be obvious to participants in smart contracts using the OpenZeppelin framework. We would recommend that additional sample logic be added to for instance the TokenContract showing safer use of the pause and resume functions. In particular, we would recommend a timelock after which anyone could unpause the contract.
The modifers use the pattern `if(bool){_;}`. This is fine for functions that return false upon failure, but could be problematic for functions expected to throw upon failure. See our comments above on standardizing on `throw` or `return(false)`.
The modifiers use the pattern `if(bool){_;}`. This is fine for functions that return false upon failure, but could be problematic for functions expected to throw upon failure. See our comments above on standardizing on `throw` or `return(false)`.
NOTE: This document is better viewed at https://docs.openzeppelin.com/contracts/api/access
This directory provides ways to restrict who can access the functions of a contract or when they can do it.
- {AccessControl} provides a general role based access control mechanism. Multiple hierarchical roles can be created and assigned each to multiple accounts.
- {Ownable} is a simpler mechanism with a single owner "role" that can be assigned to a single account. This simpler mechanism can be useful for quick tests but projects with production concerns are likely to outgrow it.
NOTE: This document is better viewed at https://docs.openzeppelin.com/contracts/api/crosschain
This directory provides building blocks to improve cross-chain awareness of smart contracts.
- {CrossChainEnabled} is an abstraction that contains accessors and modifiers to control the execution flow when receiving cross-chain messages.
== CrossChainEnabled specializations
The following specializations of {CrossChainEnabled} provide implementations of the {CrossChainEnabled} abstraction for specific bridges. This can be used to complex cross-chain aware components such as {AccessControlCrossChain}.
{{CrossChainEnabledAMB}}
{{CrossChainEnabledArbitrumL1}}
{{CrossChainEnabledArbitrumL2}}
{{CrossChainEnabledOptimism}}
{{CrossChainEnabledPolygonChild}}
== Libraries for cross-chain
In addition to the {CrossChainEnabled} abstraction, cross-chain awareness is also available through libraries. These libraries can be used to build complex designs such as contracts with the ability to interact with multiple bridges.
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
