Block Reference

The standard fungible token. Configurable mint, burn, pause, permit (EIP-2612), and votes (EIP-5805) extensions. All extensions are opt-in via boolean properties.

Non-fungible token (NFT) standard with optional enumerable extension, ERC-2981 royalties, burnable, and URI storage.

Batch-friendly multi-token standard for mixed fungible/non-fungible assets. Single contract manages multiple token IDs.

Tokenized yield-bearing vault. Users deposit an underlying ERC-20, receive shares in return. Yield is reflected in the share price.

NFT royalty info standard. Marketplaces query royaltyInfo() to determine how much to send the creator on each secondary sale.

Single-owner pattern. The deployer is the owner. Owner can call restricted functions and transfer ownership. The simplest access control pattern.

Role-based access control. Define arbitrary roles (MINTER_ROLE, PAUSER_ROLE, etc.) and grant/revoke them per address. More flexible than Ownable for multi-admin contracts.

Adds a mandatory delay before privileged operations execute. Used in DAO governance to prevent flash-loan attacks and give token holders time to react to proposals.

M-of-N signature requirement. Certain function calls require off-chain collection of M signatures from a set of N signers before execution. Useful for treasury management.

Prevents reentrancy attacks with a simple mutex. Decorate functions with the nonReentrant modifier. Essential for any function that transfers ETH or calls external contracts.

Emergency pause mechanism. An authorised address (owner or PAUSER_ROLE) can pause the contract, which blocks any function decorated with whenNotPaused.

Token-bucket rate limiting. Limits how much value can flow through a function per time window. Useful for bridge contracts and withdrawal functions to limit damage from exploits.

Automatically pauses the contract when an anomaly is detected (e.g. more than X ETH withdrawn in one block, or rapid state changes). Inspired by real DeFi incident patterns.

Stake token A to earn token B rewards. Linear emission model. Tracks per-user reward debt for gas-efficient claims. Based on the widely-used MasterChef pattern.

Linear token vesting with optional cliff. Beneficiary receives tokens gradually over the vesting period. Used for team allocations, investor releases, and advisor tokens.

Two-party escrow with an optional arbiter for dispute resolution. Buyer deposits ETH or ERC-20, seller fulfils, buyer releases — or either party escalates to arbiter.

Ascending-price auction. Bidders submit increasing bids. When the auction ends, the highest bidder wins and all losing bids are automatically refunded.

Gas-efficient airdrop using Merkle proof verification. The Merkle root is stored on-chain; recipients submit proofs off-chain. Each address can claim once.

Full on-chain governance with proposal creation, voting, and execution. Token holders vote with their ERC-20 (with votes extension). Quorum is enforced. Requires a connected Timelock.

Execution delay extension for the Governor. Passed proposals are queued in the TimelockController and can only execute after minDelay seconds. Prevents flash-loan governance attacks.

Live asset price from Chainlink Data Feeds. Returns latest price with staleness check. FlowNodes defaults to the ETH/USD feed for the payment vault, but you can point it at any Chainlink feed.

Verifiable on-chain randomness. Request a random number from Chainlink VRF; the callback fulfillRandomWords() is called with the result. Used for NFT reveals, lotteries, and game mechanics.

Time-Weighted Average Price oracle using a Uniswap V3 pool. TWAP prices are manipulation-resistant over longer windows. Used as an alternative to Chainlink for long-tail assets.

Universal Upgradeable Proxy Standard. The upgrade logic lives in the implementation contract, not the proxy. More gas-efficient than Transparent Proxy. Requires UUPSUpgradeable in the implementation.

Classic transparent proxy with a separate ProxyAdmin contract. The admin can upgrade but cannot call implementation functions. Safer separation of concerns than UUPS for multi-party deployments.

Multiple proxy instances all point at a single UpgradeableBeacon. Upgrading the beacon upgrades all proxies simultaneously. Useful for factory patterns (e.g. deploy 100 NFT collections from one implementation).

Replaces the constructor for upgradeable contracts. The initialize() function is protected with the initializer modifier to prevent re-initialisation. Always pair with any upgradeable block.