github OpenZeppelin/openzeppelin-contracts v5.7.0-rc.0

pre-release5 hours ago

Breaking changes

  • Governor and IGovernor: Replace GovernorQueueNotImplemented with GovernorProposalQueueingNotRequired and GovernorProposalQueueingFailed. (#6582)

Deprecations

  • Checkpoints, DoubleEndedQueue, EnumerableMap and EnumerableSet: Deprecate the at function for accessing a specific index of the structure. We introduce new pos functions to replace them. (#6494)

Changes by category

Utils

Additions
  • BlockHeader: Add a new library for verifying and parsing block headers. (#6395)
  • Create3: Add a library to deploy contracts using the CREATE3 mechanism, allowing the deployment address to depend only on the salt and the deployer, independently of the deployed bytecode. (#6402)
  • ERC1967Clones: Add a library to deploy minimal ERC-1967 proxies via CREATE or CREATE2. (#6405)
  • ERC6372Utils: Add utility library for ERC-6372 clock mode validation, supporting block number and timestamp modes with consistency checks. (#6483)
  • RateLimiter: Add a library that provides primitives for limiting the rate at which an action can be performed, with two complementary strategies: a refilling token bucket and a sliding window counter. (#6490)
  • SimulateCall: Add a new call simulation utilities that allow inspecting return data from contract calls by executing them in a non-mutating, revert-based context. (#6290)
Other
  • Arrays: Reduce reliance on recursion to prevent stack overflow and support larger arrays. (#6324)
  • ERC2771Forwarder: Revert the entire atomic batch if a call with value fails. (#6391)
  • InteroperableAddress: Fix overflow in the parsing functions that caused silent misparse of large interoperable addresses. (#6372)
  • InteroperableAddress: Reject inputs with both chain reference and addresses empty. (#6331)
  • Memory: Add a isReserved(Slice) function that checks if the memory occupied by the slice is reserved (i.e. before the free memory pointer). (#6302)
  • Memory: Remove the asBytes32 and asPointer function to reduce the risk of mistakes when manipulating memory pointers. (#6348)
  • RLP: Perform a memory copy when decoding bytes objects containing a single byte instead of returning a reference to the input. (#6303)

Access

  • AccessManager: Treat setAuthority differently in canCall to prevent bypassing the updateAuthority security using an execute. (#6388)

Account

  • AccountERC7579Hooked: Do not revert if hook checks fail during the hook module uninstallation. (#6390)
  • ERC4337Utils, IERC4337: Drop the draft- prefix from the file names now that ERC-4337 is finalized. Imports must be updated from account/utils/draft-ERC4337Utils.sol to account/utils/ERC4337Utils.sol and from interfaces/draft-IERC4337.sol to interfaces/IERC4337.sol. (#6581)
  • Paymaster: Add a simple ERC-4337 paymaster implementation with minimal logic. (#6576)
  • PaymasterERC20: Add extension of Paymaster that sponsors user operations against payment in ERC-20 tokens. (#6576)
  • PaymasterERC20Guarantor: Add extension of PaymasterERC20 that enables third parties to guarantee user operations by prefunding gas costs upfront, with repayment handling for successful operations. (#6576)
  • PaymasterERC721Owner: Add extension of Paymaster that approves sponsoring of user operation based on ownership of an ERC-721 NFT. (#6576)
  • PaymasterSigner: Add extension of Paymaster that approves sponsoring of user operation based on a cryptographic signature verified by the paymaster. (#6576)

Cryptography

  • ERC7913WebAuthnVerifier: Add an internal _requireUV function that can be overridden to disable the UV check. (#6596)
  • WebAuthn: Verification now returns false instead of reverting when client data contains an out-of-bounds challengeIndex. (#6329)

Cross-chain

  • BridgeERC20: Rename BridgeERC20 to BridgeFungible. (#6328)
  • BridgeNonFungible and BridgeERC721: Add bridge contracts to handle crosschain movements of ERC-721 tokens. (#6259)
  • BridgeMultiToken and BridgeERC1155: Add bridge contracts to handle crosschain movements of ERC-1155 tokens. (#6281)
  • CrosschainRemoteExecutor: Add a new executor contract that relays transaction from a controller on a remote chain. (#6272)

Governance

  • Governor: Strictly enforce the expected proposal state depending on proposalNeedsQueuing when calling execute. (#6386)
  • GovernorCrosschain: Add governor module that facilitates the execution of crosschain operations through CrosschainRemoteExecutors and ERC-7786 gateways. (#6272)

Structures

  • Accumulator: Check that slices being added (shift or push) are in the reserved space. (#6302)
  • DoubleEndedQueue: Add values(deque, start, end) to return a slice of the queue as an array, mirroring the paginated values accessor in EnumerableSet. Out-of-bound values for start and end are clamped to the queue length. (#6522)

Token

  • ERC20TransferAuthorization: Add an ERC-20 extension implementing ERC-3009's transfer with authorization using parallel nonces. (#6354)
  • ERC721Crosschain: Add an ERC-721 extension to embed an ERC-7786 based crosschain bridge directly in the token contract. (#6259)
  • ERC1155Crosschain: Add an ERC-1155 extension to embed an ERC-7786 based crosschain bridge directly in the token contract. (#6281)
  • ERC1155Burnable: Use _checkAuthorized to correctly apply authorization overrides. (#6435)
  • SafeERC20: Add tryGetDecimals helper that safely queries a token's decimals() without reverting. (#6482)
  • ERC6909ContentURI, ERC6909TokenSupply and ERC6909Metadata: Add ERC-165 detection for the IERC6909ContentURI, IERC6909TokenSupply and IERC6909Metadata interfaces. (#6246)

Don't miss a new openzeppelin-contracts release

NewReleases is sending notifications on new releases.