OpenZeppelin 2.1

2.1 is finally out! :tada: Here are the highlights of this release.

Solidity 0.5

The most significant change is that OpenZeppelin now works with Solidity 0.5.0. This new release of the compiler introduced many breaking changes, and our old contracts were no longer compatible with it. After much discussion, we’ve decided to drop the Solidity compiler version out of our stability guarantees: in an attempt to both use the best possible tools and push the industry forward, our releases will target a recent compiler version, which may change between minor releases.

This means that installing this new OpenZeppelin version will require you to upgrade your compiler to the 0.5.x line, which can be easily done with the recently released Truffle 5. OpenZeppelin’s 2.0 release will be the last one with support for Solidity 0.4, which we will still support in the form of bugfixes.

In general, if you’re not sure whether you’ll want to upgrade your compiler version, feel free to pin an OpenZeppelin version during installation. :pushpin:

npm install --save-exact openzeppelin-solidity@2.1

If you want to know more about our rationale behind this decision, and why we discarded other possible approaches, check out this comment in the issues.

Whitelist Crowdsale

In 2.0, with the introduction of Roles, we removed WhitelistedCrowdsale because we still hadn’t found the best way to fit it into the Roles framework. Many users requested to have it back so we’ve added a new WhitelistCrowdsale contract.

In this crowdsale flavor, only whitelisted accounts can purchase tokens, that is those with the Whitelisted role. This is a new kind of role that has an associated admin role that can add or remove accounts from it. In this case that is the WhitelistAdmin role.

Check out pull requests #1525 and #1589 to learn more.

ERC20 Approval Events

ERC20's transfer and transferFrom functions emit a Transfer event. By reading these events, clients and services can keep track of the balances of all accounts, and react whenever they change. For allowances, which are the other important piece of state in ERC20, there is usually no similar way to keep track of changes, because transferFrom doesn’t emit a recognizable event. We’ve begun to emit Approval events with the updated allowance value in those functions that change it: transferFrom and _burnFrom. This will allow applications to track all of a token’s state exclusively through events.

Note that this is non-standard, so you can’t expect arbitrary tokens to emit this event in the same conditions.

Check out pull request #1524 to learn more.

Signed Safe Math

We’ve added a new library for doing signed arithmetic of int256 values with overflow checks: SignedSafeMath. Check out pull requests #1559 and #1588 to learn more.

Gas Optimizations

OpenZeppelin is written in a modular style because we believe it makes for code that is easier to secure and understand. This modularization sometimes come at the cost of performance, and ERC721 was one such example, where the performance was worse than needed because of the internal structure of the contract. We’ve now removed a redundant SSTORE and some redundant requires, and made ERC721 and ERC20 more gas efficient. Thanks @abandeali1 for pointing this out!

Check out pull requests #1409 and #1549 for more details.


We have a brand new changelog. Make sure to update it in your next pull request!

The first 2.1 release will be 2.1.1, due to a minor mishap that caused a conflict in the npm registry. :man_facepalming: