5 min read - Posted 19 Mar 19

OpenZeppelin Part 5: There's More!

There's More!

OpenZeppelin has a wide range of utilities to help add more complexity to your contracts.


Within the cryptography folder are two contracts to help with security:

  • ECDSA.sol : This contract helps you to manage and recover your ECDSA signatures (Elliptic Curve Digital Signature Algorithm).
  • MerkleProof.sol : Functions to verify Merkle proofs. Merkle proofs make sure that data is in the Merkle tree.
pragma solidity ^0.5.2;

import "openzeppelin-solidity/contracts/cryptography/ECDSA.sol";

contract ECDSAMock {
    using ECDSA for bytes32;

    function recover(bytes32 hash, bytes memory signature) public pure returns (address) {
        return hash.recover(signature);

    function toEthSignedMessageHash(bytes32 hash) public pure returns (bytes32) {
        return hash.toEthSignedMessageHash();

Read more in the documentation.


The drafts folder contains contracts which are in their development stage.

  • Counters.sol : A simple counter contract.
  • ERC20Migrator.sol : Used to migrate an ERC20 token from one contract to another.
  • SignatureBouncer.sol : Set a signature as a permission to do an action.
  • SignedSafeMath.sol : Performs math with a safety check that reverts if there is an error.
  • TokenVesting.sol : A token holder contract that gradually releases its token balance.


Introspection is a set of contracts that perform interface detection. They allow you to determine if your contract will support the interface you want to use.

Earlier in the series we introduced token standards. In this tutorial, we are going to talk about another standard called ERC165. ERC165 maintains run time interface detection. The introspection folder provides the following contracts:

  • IERC615 : Base interface that ERC165 conforms to. It also defines the interface you're working on.
  • ERC165 : Supports interface detection using a lookup table.
  • ERC165Checked : Simplifies the process of checking if a contract supports the interface you want to use.
pragma solidity ^0.5.2;

import "openzeppelin-solidity/contracts/introspection/ERC165.sol";

contract ERC165Mock is ERC165 {
    function registerInterface(bytes4 interfaceId) public {

Read more in the documentation.

Note: When we refer to the interface, we are talking about what the contracts Application Binary Interface (ABI) can represent. The ABI is the interface by which the application program gains access to the operating system and other services.


Lifecycle contains a single contract called Pausable.sol which allows child contracts to have an emergency stop feature.


  • Math.sol : Assorted math operations.
  • SafeMath.sol : Math operations that protect your contract from overflow errors.
pragma solidity ^0.5.2;

import "openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeMathMock {
    function mul(uint256 a, uint256 b) public pure returns (uint256) {
        return SafeMath.mul(a, b);

    function div(uint256 a, uint256 b) public pure returns (uint256) {
        return SafeMath.div(a, b);

    function sub(uint256 a, uint256 b) public pure returns (uint256) {
        return SafeMath.sub(a, b);

    function add(uint256 a, uint256 b) public pure returns (uint256) {
        return SafeMath.add(a, b);

    function mod(uint256 a, uint256 b) public pure returns (uint256) {
        return SafeMath.mod(a, b);

Read more in the documentation.


Payment allows you to set different properties in regards to payment options.

  • PullPayment.sol : Fix stalling problems by using an asyncSend() function to send money to ex) a person and then requesting that they withdraw the amount later.
  • PaymentSplitter.sol : You can split a payment between multiple people in whichever percentages you want.
  • ConditionalEscrow.sol : An escrow contract that only allows a withdrawal if a condition is met.
  • Escrow.sol : Holds ether until the payee of the contract withdraws it. Thus It governs the release of funds involved in a transaction.
  • RefundEscrow.sol : Escrow that holds funds for a beneficiary.
pragma solidity ^0.5.2;

import "openzeppelin-solidity/contracts/payment/PullPayment.sol";

contract PullPaymentMock is PullPayment {
    constructor () public payable {

    function callTransfer(address dest, uint256 amount) public {
        _asyncTransfer(dest, amount);

Read more in the documentation.


Utilities contains contracts that don't fall under the other categories.

  • Address.sol : Tells you if the target address belongs to a contract.
  • Arrays.sol : A search that looks through a sorted array to find the index of an element value.
  • ReentrancyGuard.sol : Helps your contract guard against reentrancy attacks (a bug or attack on your contract).
pragma solidity ^0.5.2;

import "openzeppelin-solidity/contracts/utils/Address.sol";

contract AddressImpl {
    function isContract(address account) external view returns (bool) {
        return Address.isContract(account);

Read more in the documentation.

Next Steps

OpenZeppelin provides the user with a multitude of contracts to support the creation of complex contracts.

Created with Sketch.Content is"CC-BY-SA 4.0" licensed
Article On-chain
Article Author

Juliette Rocco

Intern @Kauri




Related Articles
OpenZeppelin Part 2: Access Control

Access Control What is It? The first category of contracts is access control. Access control allows a developer to regulate who can use certain features of the contract. Examples are: minting tokens, voting on proposals, ownership, etc. This feature is useful for creating a restrictive contract. How to Use OpenZeppelin provides two contracts: Ownable.sol and Roles.sol for access control. Both methods are useful in different scenarios depending on how restrictive you want the contract to be. Owne

OpenZeppelin Part 1: Introductory

Introductory To OpenZeppelin What Is OpenZeppelin? OpenZeppelin is a library of reusable smart contracts to use with Ethereum and other EVM and eWASM blockchains. The contracts focus on secure and simple open source code. They are continuously tested and community reviewed to ensure they follow the best industry standards and security practices. As a developer its difficult to create any piece of code from scratch; especially a contract. Through the use of OpenZeppelins inheritable contracts, yo