nibbstack / erc721 Goto Github PK
View Code? Open in Web Editor NEWThe reference implementation of the ERC-721 non-fungible token standard.
License: MIT License
The reference implementation of the ERC-721 non-fungible token standard.
License: MIT License
Shouldn't it be better to use https://github.com/OpenZeppelin/openzeppelin-solidity/tree/master/contracts/token/ERC721 ?
This is probably just a documentation change.
Let's find a way to add a screenshot.
After updating to the latest version of solidity we can see the warnings below:
Compilation warnings encountered:
/Users/xpeper/Work/0xcert.org/repositories/ethereum-erc721/contracts/tokens/ERC721.sol:142:3: Warning: Functions in interfaces should be declared external.
function getApproved(
^ (Relevant source part starts here and spans across multiple lines).
,/Users/xpeper/Work/0xcert.org/repositories/ethereum-erc721/contracts/mocks/NFTokenMetadataEnumerableMock.sol:6:1: Warning: Base constructor arguments given twice.
contract NFTokenMetadataEnumerableMock is NFTokenEnumerable, NFTokenMetadata {
^ (Relevant source part starts here and spans across multiple lines).
/Users/xpeper/Work/0xcert.org/repositories/ethereum-erc721/contracts/tokens/NFTokenEnumerable.sol:35:5: First constructor call is here:
NFToken()
^-------^
/Users/xpeper/Work/0xcert.org/repositories/ethereum-erc721/contracts/tokens/NFTokenMetadata.sol:35:5: Second constructor call is here:
NFToken()
^-------^
I have to say it IS convenient in my unit tests, that it does, but not all deployments will require it.
In the removeNFToken function in the NFTokenEnumerable.sol file ownerToIds[_from][lastTokenIndex]
is set to 0 twice instead of once. This is redundant and costs about 5300 extra gas.
Here is the code I am talking about:
ownerToIds[_from][lastTokenIndex] = 0;
ownerToIds[_from].length--;
The first line obviously sets ownerToIds[_from][lastTokenIndex]
to 0. Reducing the length of the array also sets ownerToIds[_from][lastTokenIndex]
to 0.
So it makes sense to get rid of this line: ownerToIds[_from][lastTokenIndex] = 0;.
I think canTransfer
modifier should be moved to private _transfer
function instead of other wrapping functions. If somebody decides to build upon our implementation then decoupling these could pose a serious risk: one just needs to add another function which calls _transfer
and forget to add the modifier. Or changes _transfer to external.
_mint
removeNFToken
addNFToken
If issue #9 gets accepted then _safeTransferFrom
should just call transferFrom
before checking if recipient is a contract.
The ERC721 standard changed recently. The onERC721Received function now has an additional operator parameter. This should be updated in ERC721 code so that it complies with the ERC721 standard.
Low Severity
For manager.0xcert.org, the suggested website for getting Ropsten ether is http://ethereumfaucet.info/ is filled with ads and looks super scammy.
Instead, use the Metamask faucet https://faucet.metamask.io/ or ALabs Faucet http://faucet.ropsten.be:3001/
@lknix asked me to file an issue but it wasn't clear what repo to put this in. Please point me at the manager repo -- I have other bugs to file :)
The 0xcert team has decided to provide a valid and secure ERC-721 implementation for the Ethereum community. We recognize the need and necessity of a security audit in order to keep all further usage safe and secure. In this light, a bug bounty program is being launched and we would love if the community can help find and disclose security issues and vulnerabilities.
ERC-721 is a standard interface for non-fungible tokens on the Ethereum blockchain, invented by Dieter Shirley and written by William Entriken. The 0xcert development team decided to build the fully compatible implementation, which is going to be open-source and available to everyone.
This bug bounty program will run from 2018-05-16 at 00:01 CET to 2018-07-16 at 23:59 CET. All of the discussions and code in this bug bounty program are publicly available in this repository. Help us find any problems with the ERC-721 implementation and you will be rewarded.
high
severity bug.medium
and low
bugs will receive our 0xcert t-shirt and an honorable mention.Severity | Examples |
---|---|
High | Allowing tokens to get lost, stolen, or become unusable. |
Medium | An undocumented function, documentation of a user-facing function that does not completely explain what is happening from the user’s perspective (i.e. unspecified side effects). |
Low | Any typo that does not affect program functionality. Recommended changes to functionality which are helpful and optimize the code. |
Note that if the EIP standard is amended then an issue will be Low
severity if it points this out to us. We will support the updated standard.
We are providing another bounty for a token that builds on top of this implementation called Xcert. If you are interested in participating in that bounty you can check it out here: 0xcert/ethereum-xcert#24
Hi,
How will I call .json files from build folder Truffle...?Truffle migration successfully completed..I worked in Privatenet...Then I tried
truffle console
truffle(development)> const { abi } = require('./build/contracts/MyNFT.json');
**Undefined**
Please help me to figured out this issue? Why it's showing undefined?
@mg6maciej suggested: #109 (review)
If we do this, we should do it everywhere where this is applicable.
When burn is called on the last token, code in removeNFToken
will not clear idToOwnerIndex
for it.
Order of these statements should be changed, but even better to use check for last token mentioned in previous issue #104.
idToOwnerIndex[_tokenId] = 0;
idToOwnerIndex[lastToken] = tokenToRemoveIndex;
Because this function is called only from _burn
and _transfer
in which cases also Transfer
is emitted, clearApproval
should only set state to 0 (might be more gas efficient to do it conditionally).
According to spec (https://github.com/ethereum/EIPs/blob/master/EIPS/eip-721.md)
/// When a Transfer event emits, this also indicates that the approved
/// address for that NFT (if any) is reset to none.
event Approval(address indexed _owner, address indexed _approved, uint256 indexed _tokenId);
OZ also does it incorrectly, but "slightly" better.
https://github.com/OpenZeppelin/openzeppelin-solidity/blob/07020e954475a4fdd36e0252e88717b60f790b71/contracts/token/ERC721/ERC721BasicToken.sol#L300-L303
These lines are lifted directly from OpenZeppelin.
mapping(uint256 => uint256) internal idToIndex;
is updated in _burn
, but never set in _mint
.
I use to name index mappings like idToIndexInTokens
(or tokenIdToIndexInTokens
) and idToIndexInOwnerToIds
(last part after In
is the same as name of array). This makes it clear which array uses given index mapping.
As per @mg6maciej suggestion:
If possible I would go with a bit different inheritance to avoid duplicating mint and burn in 4 mock contracts. Something like NFTokenEnumerableMock is NFTokenEnumerable, NFTokenMock.
I am opening an issue about this.
README.md
includes the line Licence (MIT)
.
Can you please add the appropriate LICENSE
file to the repo.
ethereum-erc721/contracts/tokens/MyNFToken.sol:23:5: DeclarationError: Undeclared identifier.
onlyOwner
^-------^
following README instructions https://github.com/0xcert/ethereum-erc721#creating-smart-contract does not compile
Just for fun, could you please:
onlyOwner
Then you can add to the README:
We deployed a contract you can play with RIGHT NOW. No need to install software. In this test version of the contract, anybody can mint or burn tokens, so don't use it for anything important.
Mainnet address: xxxxx
Ropsten address: xxxxx
Every GitHub project needs selling points
Hi,
Is this code only worked in Ropsten? I just want to integrate this code to my private Net.
I saw one command : npm run migrate -- --network Ropsten ( works in Ropsten) instead of this I used
npm run migrate -- --network localhost:8545. But it's not connecting. How will I resolved my issue?
My network id : 54 ( That i gave to truffle.js).
I believe name of NFToken
could be misleading as users might think this is the one they would want to use. I suggest renaming it to NFTokenBasic
and adding new one NFToken
(or NFTokenFull
) that only extends NFTokenEnumarable
and NFTokenMetadata
.
We should rename issuerName
, issuerSymbol
which are too restrictive and specific for our use case.
These two lines don't need to be executed when tokenToRemoveIndex == lastTokenIndex
.
ownerToIds[_from][tokenToRemoveIndex] = lastToken;
ownerToIds[_from][lastTokenIndex] = 0;
Next line covers clearing it:
ownerToIds[_from].length--;
Currently metadata is not compliant with the standard. Standard is pure, implementation is view.
Will consider to change the standard because everyone is doing this. But for now this should be noted.
The NFToken constructor should invoke the SupportsInterface constructor.
Add link to bug bounty
We set it in _mint
function and don't use it anywhere.
contracts/tokens/ERC721EnumerableImplementation.sol: mapping(uint256 => uint256) internal idToIndex;
contracts/tokens/ERC721EnumerableImplementation.sol: idToIndex[_id] = tokens.length;
Tests should be testing a single unit (function). Currently we don't test all functions directly since some of them are tested through other functions. This doesn't follow the best practices because it's misleading when tests start to fail and it leaves out edge cases. Ideally, tests should:
How about if we change current naming that:
ERC721.sol
(interface) -> ERC721Interface.sol
or ERC721Standard.sol
and ERC721implementation.sol
-> ERC721.sol
;tokens/interfaces
and name both ERC721.sol
(interface and implementation).If the plan is that our implementation gets reused then we need to have simpler names. ERC721implementation
is way too long and verbose. Thoughts?
There is currently only internal _mint
function, which can't be used. Either we complete it with some external function for minting or add a comment describing this is by default NOT implemented / used. We probably want to keep it since it has the code which shows how to properly mint a token using our implementation.
Hi,
When I am trying to execute
const { abi } = require('./build/contracts/MyNFToken.json');
const account0 = '0x294a4c67667565765668e3329a2b219a1f3d8c22'; // for eg: owner address
const account1 = '0x294a4c67670c0dae6ce8e3329a2b219a1f3d8c22'; // another account (you can create it)
const MyNFTokenContract = web3.eth.contract(abi);
const MyNFTokenInstance = MyNFTokenContract.at();
MyNFTokenInstance.transferFrom(account0,account1,"1234");
Error: invalid address
at SolidityFunction.execute (/usr/local/lib/node_modules/truffle/build/webpack://web3/lib/web3/function.js:256:1)/web3/lib/web3/function.js:170:1)
at SolidityFunction.sendTransaction (/usr/local/lib/node_modules/truffle/build/webpack:/
at Eth.send [as sendTransaction] (/usr/local/lib/node_modules/truffle/build/webpack://web3/lib/web3/method.js:139:1)/web3/lib/web3/method.js:114:1)
at Method.toPayload (/usr/local/lib/node_modules/truffle/build/webpack:/
at Method.formatInput (/usr/local/lib/node_modules/truffle/build/webpack://web3/lib/web3/method.js:88:1)/web3/lib/web3/method.js:89:1
at Array.map ()
at /usr/local/lib/node_modules/truffle/build/webpack:/
at inputTransactionFormatter (/usr/local/lib/node_modules/truffle/build/webpack://web3/lib/web3/formatters.js:100:1)/web3/lib/web3/formatters.js:274:1)
at inputAddressFormatter (/usr/local/lib/node_modules/truffle/build/webpack:/
Why its showing like that? (mint,balanceof,safeTransferfrom is working but for approval,setApproveForAll etc is not working...showing same error only);
I have done in PrivateNet.
Help me to resolve this issue...
Redeploy, fix readme: https://github.com/0xcert/ethereum-erc721#playground
If you move implementation of tokenOfOwnerByIndex
and related fields (ownerToIds
and idToOwnerIndex
) to NFToken
, you can remove ownerToNFTokenCount
and use ownerToIds[_owner].length
in balanceOf
. This saves gas on two updates of ownerToNFTokenCount
every time token is transferred and one when minted or burned.
This doesn't break compatibility with ERC721 spec, as you may leave ERC721
and ERC721Enumerable
as they are now.
This has drawback of slightly more expensive deploy and transfers for simpler NFToken
, but is cheaper for full NFTokenEnumerable
(+ NFTokenMetadata
) and assuming OpenSea and others will require enumeration and developers will want to be listed there, this makes it cheaper in most cases. Also additional, non-standard funcitonality provided by tokenOfOwnerByIndex
in basic NFToken
might be a good thing.
In order to have a complete coverage at some point, let's keep track of missing tests. ERC165 implementation is currently missing all tests.
Via a chat on ETH-NFT/Lobby, we've determined that the Approval()
even should be emitted on both sets OR reaffirmations.
(this is not a bug report, as previous behavior was undefined)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.