/cairo-contracts

OpenZeppelin Contracts written in Cairo for StarkNet, a decentralized ZK Rollup

Primary LanguagePythonMIT LicenseMIT

OpenZeppelin Cairo Contracts

Tests and linter

A library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup.

⚠️ WARNING! ⚠️

This is repo contains highly experimental code. Expect rapid iteration. Do not use in production.

Installation

First time?

Before installing Cairo on your machine, you need to install gmp:

sudo apt install -y libgmp3-dev # linux
brew install gmp # mac

If you have any troubles installing gmp on your Apple M1 computer, here’s a list of potential solutions.

Set up the project

Clone the repository

git clone git@github.com:OpenZeppelin/cairo-contracts.git

cd into it and create a Python virtual environment:

cd cairo-contracts
python3 -m venv env
source env/bin/activate

Install the Nile dev environment and then run install to get the Cairo language, a local network, and a testing framework.

pip install cairo-nile
nile install

Usage

Compile the contracts

nile compile

🤖 Compiling all Cairo contracts in the contracts directory
🔨 Compiling contracts/IAccount.cairo
🔨 Compiling contracts/Account.cairo
🔨 Compiling contracts/AddressRegistry.cairo
🔨 Compiling contracts/Initializable.cairo
🔨 Compiling contracts/Ownable.cairo
🔨 Compiling contracts/token/ERC721.cairo
🔨 Compiling contracts/token/ERC20.cairo
🔨 Compiling contracts/token/IERC20.cairo
✅ Done

Run tests

pytest

====================== test session starts ======================
platform linux -- Python 3.7.2, pytest-6.2.5, py-1.11.0, pluggy-1.0.0
rootdir: /home/readme/cairo-contracts
plugins: asyncio-0.16.0, web3-5.24.0, typeguard-2.13.0
collected 19 items                                                                                               

tests/test_Account.py ....                                 [ 21%]
tests/test_AddressRegistry.py ..                           [ 31%]
tests/test_ERC20.py ..........                             [ 84%]
tests/test_Initializable.py .                              [ 89%]
tests/test_Ownable.py ..                                   [100%]

Extending Cairo contracts

There's no clear contract extensibility pattern for Cairo smart contracts yet. In the meantime the best way to extend our contracts is copypasting and modifying them at your own risk. Remember this contracts are still under development and they have not gone through any audit or security review whatsoever.

  • For Accounts, we suggest changing how is_valid_signature works to explore different signature validation schemes such as multisig, or some guardian logic like in Argent's account.
  • For ERC20 tokens we suggest removing or protecting the mint method, temporarily in place for testing purposes. You can customize token name, symbol, and may be worth exploring pre/post transfer checks.

Learn

Contract documentation

Cairo

Nile

Security

This project is still in a very early and experimental phase. It has never been audited nor thoroughly reviewed for security vulnerabilities. Do not use in production.

Please report any security issues you find to security@openzeppelin.org.

License

OpenZeppelin Cairo Contracts is released under the MIT License.