Hi,
We have created a Token using this Sample of openZeppelin from GitHub: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/ERC20.sol
and we used Remix for making my Token, after that, we have added at Etharscan. Now it is live on Etharscan. We will start our ICO next month by this token.
So, if anybody can suggest to me that is this perfect for Token…? what I did.and is there any chance of hacking this token.
I hope all the tech guys suggestion.
Thanks and regards
2 Likes
Hi @bdtask,
ERC20 tokens being used as payment requires two transactions, one to approve an allowance, and the second to spend the token with a contract that then calls transferFrom. You may want to consider ERC777 see the OpenZeppelin ERC777 documentation for more details.
You may want to consider enabling Gas Station Network to allow your users to use your token without requiring Ether. See the OpenZeppelin GSN documentation for more details.
If you are creating a token with potential value, then you should have appropriate testing and auditing (see below). You can share your smart contract code here and the community may be able to give some feedback but this isn't a replacement for appropriate testing and auditing.
Regards testing, the following article is a good place to start:
Regards auditing, OpenZeppelin perform audits:
I found reading past audits very useful:
The following checklist for before an audit is worth reading:
Thanks for your reply,I followed the code what is given by openzepplin community.and just replace some info by my own.
1 Like
Hi @bdtask,
You still need to do appropriate testing and auditing.
ok, Thanks for your reply @abcoathup. but my question is if that ERC20 code is already in the market and people are using it. and we used that same code as many people referred us. So, do you think that could have any bugs?
If have any bugs then how i can solve it and how to do the audit.
Thanks
1 Like
Hi @bdtask,
Without seeing your code, it is hard to comment as I don’t know how you have used the OpenZeppelin ERC20 implementation and any other code you have included in your token implementation. (and as I said previously, community feedback isn’t a replacement for appropriate testing and auditing)
You should do appropriate testing for your token.
100% coverage for your unit tests is the recommendation in the checklist before an audit.
To do an audit, you would need to engage a third party auditor such as OpenZeppelin
Hi @bdtask. I have to agree with @abcoathup here. We cannot tell you if your contract is secure. You should have a thorough test suite of your system and you should have professional auditors look at the code. Please be responsible towards your investors and users in this regard. If you do not have the money to hire an audit service, the best recommendation I can make is to be transparent with the investors and users.
Thank you.
1 Like
Thanks for your email.Can you please tell us how much the auditing cost would be only the ERC20 Token page.I dont need to audit all the backend system of my code.I need only the ERC20 code to be review.if you have any suggestion just let me know.I will be very grateful to you.
1 Like
Please see openzeppelin.com/security-audits for instructions.
1 Like
ok, Thanks for your suggestion and help.
2 Likes
If we created ERC20 using OpenZeppelin's Contracts Wizard template and publish in remix on mainnet with only token name, symbol and units... do we still need to get Audit ? if yes, since we hv not injected any of our own code I'm sure it will faster audit and less fee. Any thoughts how to approach ?