OpenZeppelin 2.2.0


#1

No changes from the release candidate for this one, weโ€™re ironing out the kinks from the release process! :no_entry_sign: :bug:

This minor release includes a way to store token balances and supply so that they can be later queried in a gas-efficient manner :bookmark:, allows safe interaction with some old, non-compliant tokens :lock:, prevents user errors when using ECDSA signatures :memo: (the magic behind metatransactions! :sparkles:), and provides multiple minor additions and improvements to the API.

To install the release run npm install openzeppelin-solidity@latest.

We would love your help by reviewing newly added contracts, their interface and documentation so that we can make names clearer, features easier to use, and the library better as a whole! Your feedback is extremely useful to us :slight_smile:

Highlights

New features

  • ERC20Snapshot: this variant allows for snapshots to be created on demand, storing the current token balances and total supply so that they can be later retrieved in a gas-efficient manner and e.g. calculate dividends at a past time. (#1617)
  • SafeERC20: the ERC20 standard requires that all function calls (e.g. transfer, approve, etc.) return a boolean value indicating success. However, they are multiple widely used tokens out there that return no such value: they simply revert when encountering an error condition. Since Solidity v0.4.22, special code was needed to interact with this non-compliant tokens: now, all of SafeERC20 can be used to safely call both compliant and non-compliant tokens, without the developer having to worry about it. (#1655)
  • TimedCrowdsale: an internal _extendTime(uint256 newClosingTime) function was added (with a corresponding TimedCrowdsaleExtended(uint256 prevClosingTime, uint256 newClosingTime) event) allowing for users to safely develop mechanisms to extend the durations of unclosed crowdsales. Note that due to it being internal, thereโ€™s no out-of-the-box way to do it: this feature is opt-in and must be explicitly invoked by users.

Improvements

  • ECDSA: recover no longer accepts malleable signatures (those using upper-range values for s, or 0/1 for v). This helps prevent multiple issues when using signatures as unique identifiers. Read more about common ECDSA issues here. (#1622)
  • ERC721's transfers are now more gas efficient due to removal of unnecessary SafeMath calls. (#1610)

Bugfixes:

  • (minor) SafeERC20: safeApprove wasnโ€™t properly checking for a zero allowance when attempting to set a non-zero allowance. This bug was reported independently by @nikeshnazareth. Thanks a lot! (#1647)

Breaking changes:

  • TokenMetadata (in drafts) has been renamed to ERC20Metadata. (#1618)

You can also see all details of this release in our changelog.