Coinbase explains how it evaluates ERC-20 tokens for listing

Exchanges • August 18, 2020, 5:20AM EDT
The Block

Quick Take

  • Crypto exchange Coinbase has explained what technical factors it looks into before deciding to list an ERC-20 token. 
  • According to the exchange, each ERC-20 token should have four qualities: Verified source code, industry-standard library use, limited scope for privileged roles, and simple and modular design.

Crypto exchange Coinbase has explained what technical factors it looks into before deciding to list an ERC-20 token on its trading platforms. 

In a blog post published Monday, Nadir Akhtar, a blockchain security engineer at Coinbase, listed four qualities that each ERC-20 token should possess: Verified source code, industry-standard library use, limited scope for privileged roles, and simple and modular design.

Firstly, the token's source code should be verified, said Akhtar. "This is the most important step to getting a token listed."

Akhtar has suggested that developers should upload the source code for all smart contracts to a "reliable" platform, such as Etherscan. If the code is not yet deployed, it should be added to an easily shareable repository, such as GitHub, he said.

Secondly, developers should use open-source smart contract standards to develop ERC-20 tokens, according to Akhtar. It means developers should avoid writing smart contract code from scratch because they can miss a crucial detail, "compromising the integrity of the token."

Akhtar recommended using popular and "well-vetted" standards, such as OpenZeppelin's repository of smart contracts.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Thirdly, ERC-20 tokens' smart contracts should have limited privileged or "admin" roles, said Akhtar. "These roles can wield significant power, such as pausing transactions, modifying balances, or completely changing the token's logic," which reduces the likelihood of listing the token on Coinbase.

Lastly, tokens' protocols should have "simple" and "modular" design to avoid complexities, said the security engineer. 

Besides the above listed four factors, Coinbase also looks into factors such as external audits, thorough documentation, up-to-date Solidity language versions, and comprehensive test suites of ERC-20 tokens to catch bugs early.

External audits of smart contracts are especially important, said Akhtar, since their failures can cost "millions of dollars."

"By developing tokens with these security best practices in mind, the path towards building an open financial system becomes much safer," Akhtar concluded.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Yogita Khatri is a senior reporter at The Block, covering all things crypto. As one of the earliest team members, Yogita has played a pivotal role in breaking numerous stories, exclusives and scoops. With nearly 3,000 articles under her belt, Yogita holds the records as The Block's most-published and most-read author of all time. Prior to joining The Block, Yogita worked at crypto publication CoinDesk and The Economic Times, where she wrote on personal finance. To contact her, email: [email protected]. For her latest work, follow her on X @Yogita_Khatri5.

More by Yogita Khatri