Hi @sjuanati,
I like the idea of an extension for storing token URI, especially for projects wanting to use decentralized storage.
Having a very quick look at your example (I may not have have spotted everything, and I am a community manager and not a security researcher):
-
I would only include functionality that you need (e.g. in
tokenURI
). -
You could use AccessControl rather than ownable, so you could define a MINTER_ROLE and a SET_BASE_URI_ROLE: https://docs.openzeppelin.com/contracts/3.x/access-control.
-
In the require checks, the message should be updated to use the name of your contract, e.g. :
Example: URI set of nonexistent token
-
I prefer to use Counters to increment the token ID, but this costs extra gas, so may be better to generate the token ID off chain.
As an aside you can: Format code in the forum