OpenZeppelin 合约库
OpenZeppelin 合约库
本页内容正在整理中,欢迎贡献。
概述
OpenZeppelin Contracts 是以太坊生态最广泛使用的 Solidity 合约库,提供经过安全审计的 ERC 标准实现、访问控制、可升级性和常用工具合约。绝大多数生产级 DApp 都基于 OpenZeppelin 构建。需要注意的是,审计覆盖的是库本身的代码;在其基础上编写的自定义逻辑(权限配置、铸造规则、升级流程等)仍需单独测试和审计。
主要内容
安装
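# Hardhat / npm project
# Supply-chain note: pin an exact release (npm install @openzeppelin/contracts@<VERSION>)
# and commit the lockfile, so every build compiles the same reviewed library code.
npm install @openzeppelin/contracts

# Foundry
# Pin a release tag the same way (forge install OpenZeppelin/openzeppelin-contracts@<TAG>);
# without a tag the checkout follows whatever the default branch holds at install time.
forge install OpenZeppelin/openzeppelin-contracts
# Add to remappings.txt:
# @openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/

ERC-20 代币实现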
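// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

/// @title MyToken
/// @notice Example ERC-20 token with holder-initiated burning and owner-only minting.
/// @dev mint() has no cap, so the owner key controls total supply. Outside a demo,
///      consider a supply cap and a multisig or timelock as the owner.
contract MyToken is ERC20, ERC20Burnable, Ownable {
    /// @param initialOwner Account that receives ownership, and with it the right to mint.
    /// @dev The initial supply goes to msg.sender (the deployer), not to initialOwner.
    ///      When the two differ (factory or scripted deployment), the supply and the mint
    ///      authority end up on different accounts; confirm that this is intended.
    constructor(address initialOwner)
        ERC20("My Token", "MTK")
        Ownable(initialOwner)
    {
        // 1,000,000 whole tokens, scaled by the token's decimals().
        _mint(msg.sender, 1_000_000 * 10 ** decimals());
    }

    /// @notice Mint `amount` (in base units) to `to`. Callable only by the owner.
    function mint(address to, uint256 amount) public onlyOwner {
        _mint(to, amount);
    }
}

ERC-721 NFT 实现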
import "@openzeppelin/contracts/token/ERC721/extensions/ERC721URIStorage.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

/// @title MyNFT
/// @notice Example ERC-721 collection with per-token URIs and owner-only minting.
contract MyNFT is ERC721URIStorage, Ownable {
    // Id assigned to the next minted token; starts at 0 and grows by one per mint.
    uint256 private _nextTokenId;

    /// @param initialOwner Account that receives ownership, and with it the right to mint.
    constructor(address initialOwner)
        ERC721("My NFT", "MNFT")
        Ownable(initialOwner)
    {}

    /// @notice Mint the next token id to `to` and store `uri` as its token URI.
    /// @dev _safeMint calls onERC721Received on contract recipients, so an external call
    ///      happens before the URI is stored. Only the owner can reach this path; if the
    ///      access restriction is ever loosened, add nonReentrant or move state changes
    ///      ahead of the callback.
    function safeMint(address to, string memory uri) public onlyOwner {
        uint256 newTokenId = _nextTokenId;
        _nextTokenId = newTokenId + 1;

        _safeMint(to, newTokenId);
        _setTokenURI(newTokenId, uri);
    }
}

访问控制
Ownable(单一 Owner)
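import "@openzeppelin/contracts/access/Ownable.sol";

/// @notice Minimal single-owner access control; the deployer becomes the owner.
contract MyContract is Ownable {
    constructor() Ownable(msg.sender) {}

    function adminFunction() external onlyOwner {
        // Only the owner can call this.
    }

    // Transfer ownership: transferOwnership(newOwner)
    //   Takes effect immediately, so a mistyped address loses control of the contract.
    //   Ownable2Step makes the new owner accept first, which guards against that.
    // Renounce ownership: renounceOwnership()
    //   Irreversible: the contract is left without an owner and every onlyOwner
    //   function becomes uncallable.
}

AccessControl(基于角色)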
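import "@openzeppelin/contracts/access/AccessControl.sol";

/// @notice Role-based access control: each privileged function is gated by its own role.
contract MyContract is AccessControl {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
    // Declared for illustration; this snippet never grants or checks it.
    bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE");

    constructor() {
        // DEFAULT_ADMIN_ROLE is the admin of every role unless changed, so its holder can
        // grant and revoke any role, including its own. In production, put it behind a
        // multisig (or use AccessControlDefaultAdminRules) and keep it on a different
        // account than the operational roles.
        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
        _grantRole(MINTER_ROLE, msg.sender);
    }

    function mint(address to) external onlyRole(MINTER_ROLE) {
        // Only accounts holding MINTER_ROLE can call this.
    }
}

安全工具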
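// ReentrancyGuard - protects against reentrancy attacks
import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

contract MyContract is ReentrancyGuard {
    function withdraw() external nonReentrant {
        // Reentrancy protection.
        // nonReentrant only blocks re-entry into functions of this contract that carry
        // the modifier. Still update balances before making the external transfer
        // (checks-effects-interactions), and mark every function that shares the same
        // state, otherwise an unguarded sibling can still be entered mid-call.
    }
}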
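// Pausable - emergency stop
import "@openzeppelin/contracts/utils/Pausable.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

contract MyContract is Pausable, Ownable {
    // Ownable's constructor takes the initial owner; without this call the contract
    // cannot be compiled as a concrete (deployable) contract.
    constructor() Ownable(msg.sender) {}

    // Whoever can pause can freeze every whenNotPaused function, so the owner key
    // deserves the same protection as the funds the contract holds.
    function pause() external onlyOwner {
        _pause();
    }

    function unpause() external onlyOwner {
        _unpause();
    }

    function transfer() external whenNotPaused {
        // Cannot be called while paused.
        // Pausing affects only functions marked whenNotPaused; anything left unmarked
        // keeps working during an incident.
    }
}

可升级合约(Upgradeable 版本)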
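npm install @openzeppelin/contracts-upgradeable
npm install @openzeppelin/hardhat-upgrades

// Use the Upgradeable variants and replace the constructor with initialize
import "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";

contract MyTokenV1 is Initializable, ERC20Upgradeable {
    // Lock the implementation contract itself. Without this, the logic contract behind
    // the proxy stays uninitialized and anyone can call initialize() on it directly.
    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor() {
        _disableInitializers();
    }

    /// @notice One-time setup that takes the place of a constructor behind a proxy.
    /// @dev The initializer modifier makes this callable once per proxy. The initial supply
    ///      goes to msg.sender, i.e. whoever makes that first call, so run it in the same
    ///      transaction as the proxy deployment (deployProxy, or init data passed to the
    ///      proxy constructor) and never as a separate later step.
    function initialize(string memory name, string memory symbol) public initializer {
        __ERC20_init(name, symbol);
        // 1_000_000 ether == 1,000,000 * 10**18 base units (assumes the default 18 decimals).
        _mint(msg.sender, 1_000_000 ether);
    }
}

常用合约一览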
| 合约 | 用途 |
|---|---|
| ERC20 | 同质化代币标准 |
| ERC721 | NFT 标准 |
| ERC1155 | 多代币标准 |
| ERC4626 | 代币化金库 |
| Ownable | 单一 Owner 访问控制 |
| AccessControl | 基于角色的访问控制 |
| ReentrancyGuard | 防重入攻击 |
| Pausable | 紧急暂停功能 |
| TimelockController | 时间锁延迟执行 |
| Governor | 去中心化治理(DAO) |
| SafeERC20 | 安全 ERC-20 调用封装 |
| ECDSA | 签名验证工具 |
| MerkleProof | Merkle 树证明验证 |
深入阅读
- OpenZeppelin 官方文档
- OpenZeppelin 合约向导 —— 可视化生成合约代码
- 合约安全审计报告
- ERC-20 Token 教程