Coinbase explains how it evaluates ERC-20 tokens for listing

Quick Take

  • Crypto exchange Coinbase has explained what technical factors it looks into before deciding to list an ERC-20 token. 
  • According to the exchange, each ERC-20 token should have four qualities: Verified source code, industry-standard library use, limited scope for privileged roles, and simple and modular design.

Crypto exchange Coinbase has explained what technical factors it looks into before deciding to list an ERC-20 token on its trading platforms. 

In a blog post published Monday, Nadir Akhtar, a blockchain security engineer at Coinbase, listed four qualities that each ERC-20 token should possess: Verified source code, industry-standard library use, limited scope for privileged roles, and simple and modular design.

Firstly, the token's source code should be verified, said Akhtar. "This is the most important step to getting a token listed."

Akhtar has suggested that developers should upload the source code for all smart contracts to a "reliable" platform, such as Etherscan. If the code is not yet deployed, it should be added to an easily shareable repository, such as GitHub, he said.

Secondly, developers should use open-source smart contract standards to develop ERC-20 tokens, according to Akhtar. It means developers should avoid writing smart contract code from scratch because they can miss a crucial detail, "compromising the integrity of the token."

Akhtar recommended using popular and "well-vetted" standards, such as OpenZeppelin's repository of smart contracts.

Thirdly, ERC-20 tokens' smart contracts should have limited privileged or "admin" roles, said Akhtar. "These roles can wield significant power, such as pausing transactions, modifying balances, or completely changing the token's logic," which reduces the likelihood of listing the token on Coinbase.

Lastly, tokens' protocols should have "simple" and "modular" design to avoid complexities, said the security engineer. 

Besides the above listed four factors, Coinbase also looks into factors such as external audits, thorough documentation, up-to-date Solidity language versions, and comprehensive test suites of ERC-20 tokens to catch bugs early.

External audits of smart contracts are especially important, said Akhtar, since their failures can cost "millions of dollars."

"By developing tokens with these security best practices in mind, the path towards building an open financial system becomes much safer," Akhtar concluded.


© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

AUTHOR

Yogita Khatri is a senior reporter at The Block and the author of The Funding newsletter. As our longest-serving editorial member, Yogita has been instrumental in breaking numerous stories, exclusives and scoops. With over 3,000 articles to her name, Yogita is The Block's most-published and most-read author of all time. Before joining The Block, Yogita wrote for CoinDesk and The Economic Times. You can reach her at [email protected] or follow her latest updates on X at @Yogita_Khatri5.

See More
Connect on

WHO WE ARE

The Block is a news provider that strives to be the first and final word on digital assets news, research, and data.

+ Follow us on Google News
Connect with the block on