solidity-erc-standards

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

ERC Token Standard Guidelines

ERC代币标准指南

When to Apply

适用场景

Implementing a new token (Fungible, NFT, Multi-token, or Vault).
Reviewing existing token implementations for standard compliance.
Integrating with external tokens (e.g., DeFi protocols, marketplaces).
Extending standards with custom logic (e.g., Permit, Votes, Enumerable).

实现新代币（可替代代币、NFT、多代币或金库代币）
审核现有代币实现是否符合标准
与外部代币集成（如DeFi协议、交易市场）
通过自定义逻辑扩展标准（如Permit、Votes、Enumerable）

ERC20: Fungible Tokens

ERC20：可替代代币

Required:

totalSupply

balanceOf

transfer

allowance

approve

transferFrom

SafeERC20: ALWAYS wrap external ERC20 calls (
```
transfer
```
,
```
transferFrom
```
,
```
approve
```
) using OpenZeppelin's
```
SafeERC20
```
to handle tokens that return
```
false
```
instead of reverting.
Race Condition: The
```
approve
```
function has a known race condition. Use
```
increaseAllowance
```
and
```
decreaseAllowance
```
(OpenZeppelin) or
```
ERC20Permit
```
to mitigate.
ERC20Permit (EIP-2612): Use for gasless approvals via signatures (
```
permit
```
function).
ERC20Votes: Use for governance tokens to enable delegation and checkpointing.
Common Pitfall: Some tokens (like USDT) do not return a boolean on
```
transfer
```
, causing calls to revert if the interface expects a return value.

必填函数：

totalSupply

、

balanceOf

、

transfer

、

allowance

、

approve

、

transferFrom

SafeERC20：始终使用OpenZeppelin的
```
SafeERC20
```
封装外部ERC20调用（
```
transfer
```
、
```
transferFrom
```
、
```
approve
```
），以处理那些返回
```
false
```
而非回滚的代币
竞态条件：
```
approve
```
函数存在已知的竞态条件。使用OpenZeppelin的
```
increaseAllowance
```
和
```
decreaseAllowance
```
，或
```
ERC20Permit
```
来缓解该问题
ERC20Permit（EIP-2612）：用于通过签名实现无Gas费授权（
```
permit
```
函数）
ERC20Votes：用于治理代币，支持委托和Checkpointing
常见陷阱：部分代币（如USDT）的
```
transfer
```
函数不返回布尔值，若接口期望返回值会导致调用回滚

ERC721: Non-Fungible Tokens

ERC721：非同质化代币（NFT）

Required:

balanceOf

ownerOf

safeTransferFrom

transferFrom

approve

setApprovalForAll

getApproved

isApprovedForAll

safeTransferFrom: Always prefer
```
safeTransferFrom
```
over
```
transferFrom
```
to ensure the recipient can handle NFTs (via
```
onERC721Received
```
).
ERC721Enumerable: Provides on-chain tracking of all tokens. High gas cost for transfers; avoid unless necessary for on-chain discovery.
Metadata: Use
```
tokenURI
```
to link to JSON metadata. Off-chain (IPFS/Arweave) is standard; on-chain (Base64) is used for "fully on-chain" NFTs.
Common Pitfall: Reentrancy via
```
onERC721Received
```
callback during
```
safeTransferFrom
```
. Use
```
nonReentrant
```
or follow Checks-Effects-Interactions (SCWE-046, SCWE-138).

必填函数：

balanceOf

、

ownerOf

、

safeTransferFrom

、

transferFrom

、

approve

、

setApprovalForAll

、

getApproved

、

isApprovedForAll

safeTransferFrom：优先使用
```
safeTransferFrom
```
而非
```
transferFrom
```
，确保接收方能够处理NFT（通过
```
onERC721Received
```
回调）
ERC721Enumerable：提供链上所有代币的追踪功能。转账时Gas成本较高；除非链上发现功能是必需的，否则避免使用
元数据：使用
```
tokenURI
```
链接至JSON元数据。链下存储（IPFS/Arweave）是标准方案；链上存储（Base64）用于"完全链上"NFT
常见陷阱：
```
safeTransferFrom
```
过程中通过
```
onERC721Received
```
回调产生的重入问题。使用
```
nonReentrant
```
修饰器或遵循检查-效果-交互模式（SCWE-046、SCWE-138）

ERC1155: Multi-Token

ERC1155：多代币标准

When to use: When managing multiple token types (fungible and non-fungible) in a single contract. More gas-efficient for batch operations.
Batch Operations: Use
```
safeBatchTransferFrom
```
and
```
balanceOfBatch
```
to reduce gas for multiple transfers.
URI Pattern: Use a single URI with the
```
{id}
```
substitution string (e.g.,
```
https://api.com/{id}.json
```
).
Common Pitfall: Forgetting to implement
```
balanceOfBatch
```
or incorrect implementation of the receiver callback.

适用场景：在单个合约中管理多种代币类型（可替代和非同质化代币）时使用。批量操作更节省Gas
批量操作：使用
```
safeBatchTransferFrom
```
和
```
balanceOfBatch
```
来减少多笔转账的Gas消耗
URI模式：使用包含
```
{id}
```
替换字符串的单一URI（如
```
https://api.com/{id}.json
```
）
常见陷阱：忘记实现
```
balanceOfBatch
```
或接收方回调实现错误

ERC4626: Tokenized Vault

ERC4626：代币化金库

Calculations:
```
convertToShares
```
(assets to shares) and
```
convertToAssets
```
(shares to assets).
Rounding: Favor the vault. Round DOWN on
```
deposit
```
/
```
mint
```
(fewer shares for assets) and round UP on
```
withdraw
```
/
```
redeem
```
(more shares for assets).
Inflation Attack: First depositor can manipulate share price. Prevent by minting "dead shares" to
```
address(0)
```
on the first deposit (SCWE-049).
Common Pitfall: Incorrect rounding direction leading to "free" shares or assets over time.

核心计算：
```
convertToShares
```
（资产转换为份额）和
```
convertToAssets
```
（份额转换为资产）
舍入规则：金库优先。在
```
deposit
```
/
```
mint
```
时向下舍入（资产换更少份额），在
```
withdraw
```
/
```
redeem
```
时向上舍入（份额换更多资产）
通胀攻击：首位存款人可操纵份额价格。通过在首次存款时向
```
address(0)
```
铸造"死份额"来预防（SCWE-049）
常见陷阱：舍入方向错误导致长期产生"免费"份额或资产

Implementation Choice

实现方案选择

	OpenZeppelin	Solady
Gas	Higher	Lower
Readability	More readable	More optimized
Extensions	Many available	Fewer but efficient
When to use	Most projects	Gas-critical applications

	OpenZeppelin	Solady
Gas成本	较高	较低
可读性	更易读	更优化
扩展功能	丰富	较少但高效
适用场景	大多数项目	对Gas成本敏感的应用

Testing Strategies

测试策略

ERC20: Test
```
transfer
```
(balance changes),
```
approve
```
/
```
transferFrom
```
(allowance logic), and edge cases (0 amount,
```
type(uint256).max
```
).

ERC721: Test

mint

transfer

approval

, and

ERC721Enumerable

(if used). Verify

onERC721Received

triggers.

ERC1155: Test batch transfers, URI substitution, and receiver callbacks.
ERC4626: Test deposit/withdraw symmetry (1:1 if no yield), share calculations, and rounding edge cases.

ERC20：测试
```
transfer
```
（余额变化）、
```
approve
```
/
```
transferFrom
```
（授权逻辑），以及边缘场景（0金额、
```
type(uint256).max
```
）
ERC721：测试
```
mint
```
、转账、授权，以及
```
ERC721Enumerable
```
（若使用）。验证
```
onERC721Received
```
回调是否触发
ERC1155：测试批量转账、URI替换和接收方回调
ERC4626：测试存款/取款对称性（若无收益则为1:1）、份额计算以及舍入边缘场景

Enhanced with MCP

结合MCP增强功能

When the

solidity-agent-toolkit

is available, leverage these tools for ERC implementation:

Interface Lookup:

```
erc://{standard}
```
: Full interface definition, required functions, events, and extension list for ERC20, ERC721, ERC1155, ERC4626

Implementation Verification:

```
check_vulnerability
```
: Verify code against known ERC-specific vulnerabilities
```
match_vulnerability_patterns
```
: Detect missing SafeERC20, approval race conditions, reentrancy in callbacks
```
search_vulnerabilities
```
: Look up SCWE entries related to token standards (e.g., "ERC20", "reentrancy")
```
get_remediation
```
: Get fix guidance for specific SCWE IDs found during review

Code Generation:

Use the
```
generate_erc
```
prompt for scaffolding compliant token implementations

当

solidity-agent-toolkit

可用时，可利用以下工具进行ERC实现：

接口查询：

```
erc://{standard}
```
：获取ERC20、ERC721、ERC1155、ERC4626的完整接口定义、必填函数、事件及扩展列表

实现验证：

```
check_vulnerability
```
：验证代码是否存在已知的ERC特定漏洞
```
match_vulnerability_patterns
```
：检测是否缺少SafeERC20、授权竞态条件、回调中的重入问题
```
search_vulnerabilities
```
：查找与代币标准相关的SCWE条目（如"ERC20"、"reentrancy"）
```
get_remediation
```
：获取审查中发现的特定SCWE ID的修复指导

代码生成：

使用
```
generate_erc
```
指令生成符合标准的代币实现脚手架

References

参考资料

ERC Standard Interfaces

ERC标准接口