Integrating ERC20 tokens in an app has usually been the source of unexpected issues, due to contracts not properly adhering to the standard. Nacho Mazzara from Decentraland wrote about this almost a year ago. And with DeFi composability on the rise in the past few months, these problems are surfacing more and more often. We heard a lot of complaints about this recently in Devcon as well.
To help with this, we took a few hours off from our daily tasks and decided to repurpose a verifier tool built by @tinchoabbate to check compliance with the ERC20 standard, and created a small app around it. The app pulls the Solidity code from Etherscan given an address, and runs the verifier tool on the code. In turn, the verifier uses Slither, a Solidity static analyzer, behind the scenes.
The result? Check it out at erc20-verifier.openzeppelin.com
Note that the script does not verify that the functions found behave as expected. It just checks for matching signatures, return types, existence of custom modifiers, event emissions, among others. It is also limited to tokens built with Solidity 0.4 or 0.5 at the moment. Feel free to browse the code and contribute on github.