ERC-20 token standard

4 min readNov 10, 2023

ERC-20 (Ethereum Request for Comment no. 20) is a proposal created in 2015 that described how a common token must look like in Ethereum.

Here are some references:

ERC-20 token standard has a security flaw in its transferring pattern — it doesn’t implement “transaction handling” which is a musthave feature for a financial software. This makes it impossible to properly handle transaction errors and prevent “incorrect” transactions in some cases. At the time of writing this security flaw caused Ethereum token users to lose more than $90,000,000 worth of assets. Here is a script that calculates the amount of lost ERC-20 tokens:

Here is a security statement regarding this flaw. Here is my article that describes the flaw in detail.

It is a well-known problem. The history of a disaster.

I’ve discovered this flaw in 2017. I made quite a lot of publications regarding the issue and I’ll make a summary here. In 2017 I’ve created an alternative ERC-223 token standard that was designed to address the problem of ERC-20.

What was done so far to solve the problem

And a lot more…

A couple of words about myself.

I’m Dexaran, a pseudonymous security engineer & hacker. I’m hanging in crypto industry since 2012.