(self.webpackChunk_N_E=self.webpackChunk_N_E||[]).push([[8999],{40853:function(e,t,n){(window.__NEXT_P=window.__NEXT_P||[]).push(["/audits/2024-02-11-open-zeppelin",function(){return n(82421)}])},73307:function(e,t,n){"use strict";n.d(t,{Z:function(){return i}});var r=n(7505),d=n(11689);let a={logo:function(){return(0,r.jsxs)("div",{style:{display:"flex",alignItems:"center",gap:"0.25em",fontSize:"32px",fontFamily:"PP Supply Mono",textTransform:"uppercase"},children:[(0,r.jsx)("img",{src:"/images/logos/mud-white.svg",style:{height:"calc(var(--nextra-navbar-height) - 35px)"},alt:"MUD logo"}),"MUD"]})},useNextSeoProps(){let{asPath:e}=(0,d.useRouter)();return{titleTemplate:"/"===e?"MUD – a framework for ambitious Ethereum applications":"%s – MUD"}},project:{link:"https://github.com/latticexyz/mud"},docsRepositoryBase:"https://github.com/latticexyz/mud/tree/main/docs",head:(0,r.jsx)(r.Fragment,{children:(0,r.jsx)("meta",{property:"title",content:"MUD documentation"})}),darkMode:!1,nextThemes:{defaultTheme:"dark"},footer:{text:"MIT 2023 \xa9 MUD"},primaryHue:28,sidebar:{defaultMenuCollapseLevel:1}};var i=a},82421:function(e,t,n){"use strict";n.r(t),n.d(t,{default:function(){return p}});var r=n(7505),d=n(42585),a=n(38288),i=n(73307);n(54693);var o=n(26736),s=n(98823),l=n.n(s),c={src:"/_next/static/media/PDF_file_icon.0cde9123.png",height:50,width:41,blurDataURL:"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAcAAAAICAMAAAAC2hU0AAAAKlBMVEX5ubn7bmz7d3T6dnT1/v74u7v28vL54eH+nZ36w8O/u7va5OSvqqrE0tKyp7hUAAAABHRSTlP8hMC+fjw1HAAAAAlwSFlzAAALEwAACxMBAJqcGAAAADNJREFUeJwlx8kNgEAMwEADTkL26L9dhNafkWnVusDsFMLiSFUGkeX5sYbQzj0N7vfv+QAhxwEuHGPJCwAAAABJRU5ErkJggg==",blurWidth:7,blurHeight:8},u={src:"/_next/static/media/github-mark.0c21c7c2.png",height:50,width:50,blurDataURL:"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAMAAADz0U65AAAAJ1BMVEUjJi1MaXEkKi0jKC8hISsjKC8jKC8jKS8lKjAkKS8jKS4jKS4jKC/sJrsoAAAADXRSTlMRACW1BYil2v7ve85r2RcGrAAAAAlwSFlzAAA3XQAAN10BGYBGXQAAADdJREFUeJwdxskNwDAMBLFZ3bLdf70BwhcRx/0g8J1Zh1zM6KRLCtWlXfEn+0W8SawKmwbZgTR9J+wBGkRIQqYAAAAASUVORK5CYII=",blurWidth:8,blurHeight:8};let m={MDXContent:function(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},{wrapper:t}=Object.assign({},(0,o.ah)(),e.components);return t?(0,r.jsx)(t,{...e,children:(0,r.jsx)(g,{...e})}):g(e)},pageOpts:{filePath:"pages/audits/2024-02-11-open-zeppelin.mdx",route:"/audits/2024-02-11-open-zeppelin",headings:[{depth:1,value:"2024-02-11 OpenZeppelin Audit",id:"2024-02-11-openzeppelin-audit"}],pageMap:[{kind:"Meta",data:{introduction:{title:"What is MUD?",theme:{breadcrumb:!1}},quickstart:{title:"Get started",theme:{breadcrumb:!1}},protocol:{title:"Protocol",type:"separator"},store:"Store",world:"World",framework:{title:"Framework",type:"separator"},config:"Config",cli:"CLI","state-query":"State Query",indexer:"Indexer","world-explorer":{title:"World Explorer",theme:{breadcrumb:!1}},"---":{title:"",type:"separator"},guides:"Guides",templates:"Templates","best-practices":"Best Practices",contribute:{title:"Contribute",theme:{breadcrumb:!1}},changelog:"Changelog",retrospectives:"Retrospectives",audits:"Audits",version:{title:"2.2.9",type:"menu",items:{changelog:{title:"Changelog",href:"/changelog"},contribute:{title:"Contribute",href:"/contribute"}}},community:{title:"Community",type:"page",href:"https://community.mud.dev",newWindow:!0},twitter:{title:"Twitter",type:"page",href:"https://twitter.com/latticexyz",newWindow:!0},discord:{title:"Discord",type:"page",href:"https://lattice.xyz/discord",newWindow:!0}}},{kind:"Folder",name:"audits",route:"/audits",children:[{kind:"MdxPage",name:"2024-02-11-open-zeppelin",route:"/audits/2024-02-11-open-zeppelin"},{kind:"Meta",data:{"2024-02-11-open-zeppelin":"2024-02-11 OpenZeppelin",pdf:{display:"hidden"},icons:{display:"hidden"}}}]},{kind:"Folder",name:"best-practices",route:"/best-practices",children:[{kind:"Meta",data:{"dividing-into-systems":"Dividing Code into Systems",system:"System Best Practices","deployment-settings":"Recommended Deployment Settings","aws-kms":"Deploy production worlds using AWS KMS"}},{kind:"MdxPage",name:"aws-kms",route:"/best-practices/aws-kms"},{kind:"MdxPage",name:"deployment-settings",route:"/best-practices/deployment-settings"},{kind:"MdxPage",name:"dividing-into-systems",route:"/best-practices/dividing-into-systems"},{kind:"MdxPage",name:"system",route:"/best-practices/system"}]},{kind:"MdxPage",name:"changelog",route:"/changelog"},{kind:"Folder",name:"cli",route:"/cli",children:[{kind:"Meta",data:{tablegen:"mud tablegen",worldgen:"mud worldgen",test:"mud test",deploy:"mud deploy",verify:"mud verify","dev-contracts":"mud dev-contracts","abi-ts":"mud abi-ts","set-version":"mud set-version"}},{kind:"MdxPage",name:"abi-ts",route:"/cli/abi-ts"},{kind:"MdxPage",name:"deploy",route:"/cli/deploy"},{kind:"MdxPage",name:"dev-contracts",route:"/cli/dev-contracts"},{kind:"MdxPage",name:"set-version",route:"/cli/set-version"},{kind:"MdxPage",name:"tablegen",route:"/cli/tablegen"},{kind:"MdxPage",name:"test",route:"/cli/test"},{kind:"MdxPage",name:"verify",route:"/cli/verify"},{kind:"MdxPage",name:"worldgen",route:"/cli/worldgen"}]},{kind:"Folder",name:"config",route:"/config",children:[{kind:"MdxPage",name:"reference",route:"/config/reference"},{kind:"Meta",data:{reference:"Reference"}}]},{kind:"MdxPage",name:"config",route:"/config"},{kind:"MdxPage",name:"contribute",route:"/contribute"},{kind:"Folder",name:"guides",route:"/guides",children:[{kind:"Meta",data:{"hello-world":"Hello World","extending-a-world":"Extending a World","adding-delegation":"Adding Delegation",modules:"Writing MUD Modules",emojimon:"Emojimon",testing:"Testing","replicating-onchain-state":"Replicating onchain state"}},{kind:"MdxPage",name:"adding-delegation",route:"/guides/adding-delegation"},{kind:"Folder",name:"emojimon",route:"/guides/emojimon",children:[{kind:"MdxPage",name:"1-preface-the-ecs-model",route:"/guides/emojimon/1-preface-the-ecs-model"},{kind:"MdxPage",name:"2-getting-started",route:"/guides/emojimon/2-getting-started"},{kind:"MdxPage",name:"3-players-and-movement",route:"/guides/emojimon/3-players-and-movement"},{kind:"MdxPage",name:"4-map-and-terrain",route:"/guides/emojimon/4-map-and-terrain"},{kind:"MdxPage",name:"5-a-wild-emojimon-appears",route:"/guides/emojimon/5-a-wild-emojimon-appears"},{kind:"MdxPage",name:"6-advanced",route:"/guides/emojimon/6-advanced"},{kind:"Meta",data:{"1-preface-the-ecs-model":"Preface: the ECS model","2-getting-started":"Getting started","3-players-and-movement":"Players and movement","4-map-and-terrain":"Map and terrain","5-a-wild-emojimon-appears":"A wild Emojimon appears","6-advanced":"Advanced features"}}]},{kind:"MdxPage",name:"emojimon",route:"/guides/emojimon"},{kind:"Folder",name:"extending-a-world",route:"/guides/extending-a-world",children:[{kind:"Meta",data:{index:"Extending a World Permissionlessly"}},{kind:"MdxPage",name:"index",route:"/guides/extending-a-world"}]},{kind:"Folder",name:"hello-world",route:"/guides/hello-world",children:[{kind:"Meta",data:{"add-table":"Add a table","filter-sync":"Filter data synchronization","add-system":"Add a system",deploy:"Deploy to a blockchain","add-chain-client":"Add chains to the client"}},{kind:"MdxPage",name:"add-chain-client",route:"/guides/hello-world/add-chain-client"},{kind:"MdxPage",name:"add-system",route:"/guides/hello-world/add-system"},{kind:"MdxPage",name:"add-table",route:"/guides/hello-world/add-table"},{kind:"MdxPage",name:"deploy",route:"/guides/hello-world/deploy"},{kind:"MdxPage",name:"filter-sync",route:"/guides/hello-world/filter-sync"}]},{kind:"MdxPage",name:"hello-world",route:"/guides/hello-world"},{kind:"MdxPage",name:"modules",route:"/guides/modules"},{kind:"MdxPage",name:"replicating-onchain-state",route:"/guides/replicating-onchain-state"},{kind:"MdxPage",name:"testing",route:"/guides/testing"}]},{kind:"Folder",name:"indexer",route:"/indexer",children:[{kind:"Meta",data:{using:"Using the Indexer",sqlite:"SQLite Indexer","postgres-event-only":"PostgreSQL for events","postgres-decoded":"PostgreSQL for data (and events)",sql:"SQL API (Experimental)"}},{kind:"MdxPage",name:"postgres-decoded",route:"/indexer/postgres-decoded"},{kind:"MdxPage",name:"postgres-event-only",route:"/indexer/postgres-event-only"},{kind:"MdxPage",name:"sql",route:"/indexer/sql"},{kind:"MdxPage",name:"sqlite",route:"/indexer/sqlite"},{kind:"MdxPage",name:"using",route:"/indexer/using"}]},{kind:"MdxPage",name:"indexer",route:"/indexer"},{kind:"MdxPage",name:"introduction",route:"/introduction"},{kind:"MdxPage",name:"quickstart",route:"/quickstart"},{kind:"Folder",name:"retrospectives",route:"/retrospectives",children:[{kind:"MdxPage",name:"2023-09-12-register-system-vulnerability",route:"/retrospectives/2023-09-12-register-system-vulnerability"},{kind:"MdxPage",name:"2024-04-17-storeread-getdynamicfieldlength-bug",route:"/retrospectives/2024-04-17-storeread-getdynamicfieldlength-bug"},{kind:"Meta",data:{"2024-04-17-storeread-getdynamicfieldlength-bug":"2024-04-17 StoreRead.getDynamicFieldLength bug","2023-09-12-register-system-vulnerability":"2023-09-12 registerSystem vulnerability"}}]},{kind:"Folder",name:"state-query",route:"/state-query",children:[{kind:"Meta",data:{typescript:"TypeScript"}},{kind:"Folder",name:"typescript",route:"/state-query/typescript",children:[{kind:"Meta",data:{recs:"RECS",zustand:"Zustand"}},{kind:"MdxPage",name:"recs",route:"/state-query/typescript/recs"},{kind:"MdxPage",name:"zustand",route:"/state-query/typescript/zustand"}]}]},{kind:"Folder",name:"store",route:"/store",children:[{kind:"Meta",data:{introduction:"Introduction","data-model":"Data model",tables:"Tables","table-libraries":"Table libraries",encoding:"Encoding","store-hooks":"Store hooks",reference:"Reference"}},{kind:"MdxPage",name:"data-model",route:"/store/data-model"},{kind:"MdxPage",name:"encoding",route:"/store/encoding"},{kind:"MdxPage",name:"introduction",route:"/store/introduction"},{kind:"Folder",name:"reference",route:"/store/reference",children:[{kind:"Meta",data:{"store-core":"StoreCore (internal)",store:"IStore (external)","store-hook":"StoreHook",misc:"Miscellaneous"}},{kind:"MdxPage",name:"misc",route:"/store/reference/misc"},{kind:"MdxPage",name:"store-core",route:"/store/reference/store-core"},{kind:"MdxPage",name:"store-hook",route:"/store/reference/store-hook"},{kind:"MdxPage",name:"store",route:"/store/reference/store"}]},{kind:"MdxPage",name:"store-hooks",route:"/store/store-hooks"},{kind:"MdxPage",name:"table-libraries",route:"/store/table-libraries"},{kind:"MdxPage",name:"tables",route:"/store/tables"}]},{kind:"Folder",name:"templates",route:"/templates",children:[{kind:"Meta",data:{typescript:"TypeScript",godot:"Godot",pwa:"Progressive Web App (for mobile)",swift:"Swift",svelte:"Svelte",unity:"Unity",nethereum:"Nethereum"}},{kind:"MdxPage",name:"godot",route:"/templates/godot"},{kind:"MdxPage",name:"nethereum",route:"/templates/nethereum"},{kind:"MdxPage",name:"pwa",route:"/templates/pwa"},{kind:"MdxPage",name:"svelte",route:"/templates/svelte"},{kind:"MdxPage",name:"swift",route:"/templates/swift"},{kind:"Folder",name:"typescript",route:"/templates/typescript",children:[{kind:"Meta",data:{contracts:"Contracts",vanilla:"Vanilla","react-ecs":"React-ECS",threejs:"Three.js",vue:"Vue"}},{kind:"MdxPage",name:"contracts",route:"/templates/typescript/contracts"},{kind:"MdxPage",name:"react-ecs",route:"/templates/typescript/react-ecs"},{kind:"MdxPage",name:"threejs",route:"/templates/typescript/threejs"},{kind:"MdxPage",name:"vanilla",route:"/templates/typescript/vanilla"},{kind:"MdxPage",name:"vue",route:"/templates/typescript/vue"}]},{kind:"MdxPage",name:"unity",route:"/templates/unity"}]},{kind:"MdxPage",name:"templates",route:"/templates"},{kind:"Folder",name:"world",route:"/world",children:[{kind:"Meta",data:{introduction:"Introduction","resource-ids":"Resource Identifiers","namespaces-access-control":"Namespaces & Access Control",tables:"Tables",systems:"Systems","system-hooks":"System Hooks","function-selectors":"Function Selectors",balance:"Balance","account-delegation":"Account Delegation","batch-calls":"Batch Calls",upgrades:"Upgrading",modules:"Modules",reference:"Reference"}},{kind:"MdxPage",name:"account-delegation",route:"/world/account-delegation"},{kind:"MdxPage",name:"balance",route:"/world/balance"},{kind:"MdxPage",name:"batch-calls",route:"/world/batch-calls"},{kind:"MdxPage",name:"function-selectors",route:"/world/function-selectors"},{kind:"MdxPage",name:"introduction",route:"/world/introduction"},{kind:"Folder",name:"modules",route:"/world/modules",children:[{kind:"Meta",data:{keyswithvalue:"Keys with Value",keysintable:"Keys in Table",erc20:"ERC-20 tokens",erc721:"ERC-721 (NFT)"}},{kind:"MdxPage",name:"erc20",route:"/world/modules/erc20"},{kind:"MdxPage",name:"erc721",route:"/world/modules/erc721"},{kind:"MdxPage",name:"keysintable",route:"/world/modules/keysintable"},{kind:"MdxPage",name:"keyswithvalue",route:"/world/modules/keyswithvalue"}]},{kind:"MdxPage",name:"modules",route:"/world/modules"},{kind:"MdxPage",name:"namespaces-access-control",route:"/world/namespaces-access-control"},{kind:"Folder",name:"reference",route:"/world/reference",children:[{kind:"Meta",data:{"delegation-external":"Delegation (interface)",module:"Modules","module-external":"Modules (interface)",system:"Systems","system-external":"Systems (interface)",world:"World","world-external":"World (interfaces)","world-context":"World context","world-context-external":"World context (interface)","resource-ids":"Resource IDs",misc:"Miscellaneous",internal:"Internals"}},{kind:"MdxPage",name:"delegation-external",route:"/world/reference/delegation-external"},{kind:"Folder",name:"internal",route:"/world/reference/internal",children:[{kind:"Meta",data:{"access-control":"Access Control",create:"Create2",delegation:"Delegation",erc165:"ERC165","erc165-external":"ERC165 (interface)","init-module":"Init Module","init-module-implementation":"Init Module Implementation",systemcall:"SystemCall"}},{kind:"MdxPage",name:"access-control",route:"/world/reference/internal/access-control"},{kind:"MdxPage",name:"create",route:"/world/reference/internal/create"},{kind:"MdxPage",name:"delegation",route:"/world/reference/internal/delegation"},{kind:"MdxPage",name:"erc165-external",route:"/world/reference/internal/erc165-external"},{kind:"MdxPage",name:"erc165",route:"/world/reference/internal/erc165"},{kind:"MdxPage",name:"init-module-implementation",route:"/world/reference/internal/init-module-implementation"},{kind:"MdxPage",name:"init-module",route:"/world/reference/internal/init-module"},{kind:"MdxPage",name:"systemcall",route:"/world/reference/internal/systemcall"}]},{kind:"MdxPage",name:"misc",route:"/world/reference/misc"},{kind:"MdxPage",name:"module-external",route:"/world/reference/module-external"},{kind:"MdxPage",name:"module",route:"/world/reference/module"},{kind:"MdxPage",name:"resource-ids",route:"/world/reference/resource-ids"},{kind:"MdxPage",name:"system-external",route:"/world/reference/system-external"},{kind:"MdxPage",name:"system",route:"/world/reference/system"},{kind:"MdxPage",name:"world-context-external",route:"/world/reference/world-context-external"},{kind:"MdxPage",name:"world-context",route:"/world/reference/world-context"},{kind:"MdxPage",name:"world-external",route:"/world/reference/world-external"},{kind:"MdxPage",name:"world",route:"/world/reference/world"}]},{kind:"MdxPage",name:"resource-ids",route:"/world/resource-ids"},{kind:"MdxPage",name:"system-hooks",route:"/world/system-hooks"},{kind:"MdxPage",name:"systems",route:"/world/systems"},{kind:"MdxPage",name:"tables",route:"/world/tables"},{kind:"MdxPage",name:"upgrades",route:"/world/upgrades"}]},{kind:"MdxPage",name:"world-explorer",route:"/world-explorer"}],flexsearch:{codeblocks:!0},title:"2024-02-11 OpenZeppelin Audit"},pageNextRoute:"/audits/2024-02-11-open-zeppelin",nextraLayout:a.ZP,themeConfig:i.Z};function g(e){let t=Object.assign({h1:"h1",p:"p",table:"table",thead:"thead",tr:"tr",th:"th",tbody:"tbody",td:"td",a:"a"},(0,o.ah)(),e.components);return(0,r.jsxs)(r.Fragment,{children:[(0,r.jsx)(t.h1,{children:"2024-02-11 OpenZeppelin Audit"}),"\n",(0,r.jsx)(t.p,{children:"OpenZeppelin audited both our Solidity contracts and our TypeScript code generation component."}),"\n",(0,r.jsxs)(t.table,{children:[(0,r.jsx)(t.thead,{children:(0,r.jsxs)(t.tr,{children:[(0,r.jsx)(t.th,{}),(0,r.jsx)(t.th,{children:"Contracts"}),(0,r.jsx)(t.th,{children:"Code Generation"})]})}),(0,r.jsxs)(t.tbody,{children:[(0,r.jsxs)(t.tr,{children:[(0,r.jsx)(t.td,{children:"Open Zeppelin blog"}),(0,r.jsx)(t.td,{children:(0,r.jsx)(t.a,{href:"https://blog.openzeppelin.com/mud-audit",children:"\uD83D\uDD17"})}),(0,r.jsx)(t.td,{children:(0,r.jsx)(t.a,{href:"https://blog.openzeppelin.com/mud-code-generation-audit",children:"\uD83D\uDD17"})})]}),(0,r.jsxs)(t.tr,{children:[(0,r.jsx)(t.td,{children:"PDF"}),(0,r.jsx)(t.td,{children:(0,r.jsx)(t.a,{href:"/pdf/2024-02-11-oz-contracts.pdf",children:(0,r.jsx)(l(),{placeholder:"blur",src:c})})}),(0,r.jsx)(t.td,{children:(0,r.jsx)(t.a,{href:"/pdf/2024-02-11-oz-codegen.pdf",children:(0,r.jsx)(l(),{placeholder:"blur",src:c})})})]}),(0,r.jsxs)(t.tr,{children:[(0,r.jsx)(t.td,{children:"Version audited"}),(0,r.jsx)(t.td,{children:(0,r.jsx)(t.a,{href:"https://github.com/latticexyz/mud/tree/12a9eb1afb18a7f7cb43d774cabb2d5af7c74e6b",children:(0,r.jsx)(l(),{placeholder:"blur",src:u})})}),(0,r.jsx)(t.td,{children:(0,r.jsx)(t.a,{href:"https://github.com/latticexyz/mud/tree/f6133591a86eb169a7b1b2b8d342733a887af610",children:(0,r.jsx)(l(),{placeholder:"blur",src:u})})})]})]})]}),"\n",(0,r.jsxs)(t.p,{children:["This audit also inspired OpenZeppelin to write ",(0,r.jsx)(t.a,{href:"https://blog.openzeppelin.com/why-your-code-needs-to-be-self-contained",children:"an illustrative case study"})," identifying a class of vulnerabilities."]})]})}var p=(0,d.j)(m)}},function(e){e.O(0,[3720,2888,179],function(){return e(e.s=40853)}),_N_E=e.O()}]);