or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

access-control.mdaccount-abstraction.mdfinance.mdgovernance.mdindex.mdmathematical-utilities.mdmeta-transactions.mdproxy-patterns.mdsecurity-utilities.mdtoken-standards.md
tile.json

tessl/npm-openzeppelin--contracts

Secure Smart Contract library for Solidity with battle-tested implementations of token standards, access control, governance, and essential utilities for building decentralized applications.

Workspace
tessl
Visibility
Public
Created
Last updated
Describes
npmpkg:npm/@openzeppelin/contracts@5.4.x

To install, run

npx @tessl/cli install tessl/npm-openzeppelin--contracts@5.4.0

index.mddocs/

OpenZeppelin Contracts

OpenZeppelin Contracts is a comprehensive library of secure, reusable Solidity smart contract components for Ethereum development. It provides battle-tested implementations of token standards (ERC20, ERC721, ERC1155), access control mechanisms, governance tools, proxy patterns for upgradeability, and essential utilities for building decentralized applications. The library follows security best practices with extensive auditing, formal verification, and community review.

Package Information

  • Package Name: @openzeppelin/contracts
  • Package Type: npm
  • Language: Solidity
  • Installation: npm install @openzeppelin/contracts

Core Imports

import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/access/Ownable.sol";
import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

Basic Usage

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

contract MyToken is ERC20, Ownable {
    constructor(address initialOwner) 
        ERC20("MyToken", "MTK") 
        Ownable(initialOwner) 
    {}

    function mint(address to, uint256 amount) public onlyOwner {
        _mint(to, amount);
    }
}

Architecture

OpenZeppelin Contracts is built around several key architectural patterns:

  • Modular Design: Contracts are designed to be composed together through inheritance and interfaces
  • Security-First: All contracts follow security best practices and are extensively audited
  • Standard Compliance: Implements all major Ethereum standards (ERC20, ERC721, ERC1155, etc.)
  • Upgradeability: Proxy patterns enable contract upgrades while preserving state
  • Gas Optimization: Efficient implementations that minimize gas costs
  • Extension System: Base contracts with optional extensions and utilities

Capabilities

Token Standards

Complete implementations of Ethereum token standards with extensions and utilities for custom functionality.

// ERC20 Token Standard
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
    constructor(string memory name_, string memory symbol_);
    function transfer(address to, uint256 value) public virtual returns (bool);
    function transferFrom(address from, address to, uint256 value) public virtual returns (bool);
    function approve(address spender, uint256 value) public virtual returns (bool);
    function balanceOf(address account) public view virtual returns (uint256);
    function totalSupply() public view virtual returns (uint256);
    function allowance(address owner, address spender) public view virtual returns (uint256);
}

// ERC721 NFT Standard  
abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Errors {
    constructor(string memory name_, string memory symbol_);
    function approve(address to, uint256 tokenId) public virtual;
    function transferFrom(address from, address to, uint256 tokenId) public virtual;
    function safeTransferFrom(address from, address to, uint256 tokenId) public virtual;
    function ownerOf(uint256 tokenId) public view virtual returns (address);
    function balanceOf(address owner) public view virtual returns (uint256);
}

// ERC1155 Multi-Token Standard
abstract contract ERC1155 is Context, ERC165, IERC1155, IERC1155MetadataURI, IERC1155Errors {
    constructor(string memory uri_);
    function safeTransferFrom(address from, address to, uint256 id, uint256 value, bytes memory data) public virtual;
    function safeBatchTransferFrom(address from, address to, uint256[] memory ids, uint256[] memory values, bytes memory data) public virtual;
    function balanceOf(address account, uint256 id) public view virtual returns (uint256);
    function balanceOfBatch(address[] memory accounts, uint256[] memory ids) public view virtual returns (uint256[] memory);
}

Token Standards

Access Control

Role-based and ownership-based access control mechanisms for secure contract administration.

// Single Owner Pattern
abstract contract Ownable is Context {
    constructor(address initialOwner);
    function owner() public view virtual returns (address);
    function transferOwnership(address newOwner) public virtual onlyOwner;
    function renounceOwnership() public virtual onlyOwner;
    modifier onlyOwner();
}

// Role-Based Access Control
abstract contract AccessControl is Context, IAccessControl, ERC165 {
    function hasRole(bytes32 role, address account) public view virtual returns (bool);
    function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role));
    function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role));
    function renounceRole(bytes32 role, address callerConfirmation) public virtual;
    modifier onlyRole(bytes32 role);
}

Access Control

Security Utilities

Essential security patterns and utilities for protecting against common vulnerabilities.

// Reentrancy Protection
abstract contract ReentrancyGuard {
    modifier nonReentrant();
}

// Emergency Pause Functionality
abstract contract Pausable is Context {
    function paused() public view virtual returns (bool);
    function _pause() internal virtual whenNotPaused;
    function _unpause() internal virtual whenPaused;
    modifier whenNotPaused();
    modifier whenPaused();
}

Security Utilities

Governance

On-chain governance systems with voting, proposal management, and timelock controls.

// Governor Contract
abstract contract Governor is Context, ERC165, EIP712, Nonces, IGovernor {
    function propose(address[] memory targets, uint256[] memory values, bytes[] memory calldatas, string memory description) public virtual returns (uint256);
    function execute(address[] memory targets, uint256[] memory values, bytes[] memory calldatas, bytes32 descriptionHash) public virtual returns (uint256);
    function castVote(uint256 proposalId, uint8 support) public virtual returns (uint256);
    function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) public virtual returns (uint256);
}

// Timelock Controller
contract TimelockController is AccessControl {
    function schedule(address target, uint256 value, bytes calldata data, bytes32 predecessor, bytes32 salt, uint256 delay) public virtual onlyRole(PROPOSER_ROLE);
    function execute(address target, uint256 value, bytes calldata payload, bytes32 predecessor, bytes32 salt) public virtual onlyRoleOrOpenRole(EXECUTOR_ROLE);
    function cancel(bytes32 id) public virtual onlyRole(CANCELLER_ROLE);
}

Governance

Proxy Patterns

Upgradeability patterns enabling contract logic updates while preserving state and addresses.

// ERC1967 Proxy
contract ERC1967Proxy is Proxy {
    constructor(address implementation, bytes memory _data);
}

// Transparent Upgradeable Proxy
contract TransparentUpgradeableProxy is ERC1967Proxy {
    constructor(address _logic, address initialOwner, bytes memory _data);
}

// UUPS Upgradeable
abstract contract UUPSUpgradeable is IERC1822Proxiable, ERC1967Utils {
    function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy;
    function proxiableUUID() external view virtual notDelegated returns (bytes32);
}

Proxy Patterns

Mathematical Utilities

Safe mathematical operations and data structures for common smart contract patterns.

// Math Library
library Math {
    function max(uint256 a, uint256 b) internal pure returns (uint256);
    function min(uint256 a, uint256 b) internal pure returns (uint256);
    function average(uint256 a, uint256 b) internal pure returns (uint256);
    function sqrt(uint256 a) internal pure returns (uint256);
}

// Safe Casting
library SafeCast {
    function toUint248(uint256 value) internal pure returns (uint248);
    function toUint240(uint256 value) internal pure returns (uint240);
    function toInt256(uint256 value) internal pure returns (int256);
}

// Address Utilities
library Address {
    function isContract(address account) internal view returns (bool);
    function sendValue(address payable recipient, uint256 amount) internal;
    function functionCall(address target, bytes memory data) internal returns (bytes memory);
}

Mathematical Utilities

Account Abstraction

ERC-4337 compliant smart contract wallets with modular authentication and gasless transactions.

// ERC-4337 Account Contract
contract Account is Context, IERC165, IERC1271, IAccount, Ownable, UUPSUpgradeable {
    constructor(IEntryPoint anEntryPoint);
    function validateUserOp(PackedUserOperation calldata userOp, bytes32 userOpHash, uint256 missingAccountFunds) external virtual returns (uint256 validationData);
    function executeUserOp(PackedUserOperation calldata userOp, bytes32 userOpHash) external virtual;
    function execute(address target, uint256 value, bytes calldata data) external virtual requireFromEntryPointOrOwner;
    function executeBatch(address[] calldata targets, uint256[] calldata values, bytes[] calldata data) external virtual requireFromEntryPointOrOwner;
}

Account Abstraction

Finance

Token vesting and financial management contracts for controlled distribution over time.

// Vesting Wallet
contract VestingWallet is Context, Ownable {
    constructor(address beneficiary, uint64 startTimestamp, uint64 durationSeconds);
    function release() public virtual;
    function release(address token) public virtual;
    function releasable() public view virtual returns (uint256);
    function releasable(address token) public view virtual returns (uint256);
    function vestedAmount(uint64 timestamp) public view virtual returns (uint256);
}

// Vesting with Cliff
contract VestingWalletCliff is VestingWallet {
    constructor(address beneficiary, uint64 startTimestamp, uint64 durationSeconds, uint64 cliffSeconds);
    function cliff() public view virtual returns (uint256);
}

Finance

Meta-transactions

ERC-2771 gasless transactions enabling users to interact without paying gas fees directly.

// ERC-2771 Context
abstract contract ERC2771Context is Context {
    constructor(address trustedForwarder);
    function isTrustedForwarder(address forwarder) public view virtual returns (bool);
    function _msgSender() internal view virtual override returns (address);
    function _msgData() internal view virtual override returns (bytes calldata);
}

// ERC-2771 Forwarder
contract ERC2771Forwarder is ERC165, EIP712, Nonces, IERC2771Forwarder {
    constructor(string memory name);
    function verify(ForwardRequestData calldata request) public view virtual returns (bool);
    function execute(ForwardRequestData calldata request) public payable virtual returns (bool success, bytes memory returndata);
    function executeBatch(ForwardRequestData[] calldata requests, address payable refundReceiver) public payable virtual;
}

Meta-transactions

Common Types

// Standard Interfaces
interface IERC20 {
    function transfer(address to, uint256 value) external returns (bool);
    function transferFrom(address from, address to, uint256 value) external returns (bool);
    function approve(address spender, uint256 value) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
    function totalSupply() external view returns (uint256);
    function allowance(address owner, address spender) external view returns (uint256);
}

interface IERC721 {
    function approve(address to, uint256 tokenId) external;
    function transferFrom(address from, address to, uint256 tokenId) external;
    function safeTransferFrom(address from, address to, uint256 tokenId) external;
    function ownerOf(uint256 tokenId) external view returns (address);
    function balanceOf(address owner) external view returns (uint256);
}

interface IERC1155 {
    function safeTransferFrom(address from, address to, uint256 id, uint256 value, bytes calldata data) external;
    function safeBatchTransferFrom(address from, address to, uint256[] calldata ids, uint256[] calldata values, bytes calldata data) external;
    function balanceOf(address account, uint256 id) external view returns (uint256);
    function balanceOfBatch(address[] calldata accounts, uint256[] calldata ids) external view returns (uint256[] memory);
}

// Access Control
interface IAccessControl {
    function hasRole(bytes32 role, address account) external view returns (bool);
    function grantRole(bytes32 role, address account) external;
    function revokeRole(bytes32 role, address account) external;
    function renounceRole(bytes32 role, address callerConfirmation) external;
}

// Governance
interface IGovernor {
    function propose(address[] memory targets, uint256[] memory values, bytes[] memory calldatas, string memory description) external returns (uint256);
    function execute(address[] memory targets, uint256[] memory values, bytes[] memory calldatas, bytes32 descriptionHash) external returns (uint256);
    function castVote(uint256 proposalId, uint8 support) external returns (uint256);
}