Is it still safe to use openzeppelin 2.5 crowd sale?


I am launching a crowd sale and I see openzeppelin’s crowd sale supporting all the features I want except a vesting schedule which I will implement.

However, since it’s only in 2.5 and not updated, is it still supported and safe to use right now?

I know someone asked about that earlier but that was a few months ago.

Thanks for advance.

1 Like

Me as new developer also curious about it.
It is mentioned after pragma 0.6.0 it is not supported as it’s need to import files.

1 Like

I noticed the following in PostDeliveryCrowdsale.sol. The last two lines seems to have a problem. I am a beginner so I may be wrong.
I don’t see a require for _vault.transfer. Does that mean the possibility the balance of the beneficiary can be set to 0, then the transfer fails and the beneficiary never gets his token since it won’t reverse?

function withdrawTokens(address beneficiary) public {
    require(hasClosed(), "PostDeliveryCrowdsale: not closed");
    uint256 amount = _balances[beneficiary];
    require(amount > 0, "PostDeliveryCrowdsale: beneficiary is not due any tokens");

    _balances[beneficiary] = 0;
    _vault.transfer(token(), beneficiary, amount);

Hello @abcoathup
Can you please review the security issue above. I am probably very wrong but just wanted to be sure.

Please check out a contract created by @FreezyEx !

1 Like

Thank you. Looks good but misses a lot of the features I need like whitelisting.