今天，我们来讲讲如何编写一个实际可用，并且没有安全漏洞的生产级别的ERC20代币合约，当然很多人通过百度可以搜索到一堆发币的合约代码，但是大部分都是有安全漏洞的，达不到生产级别。
废话不少，先上完整代码：

1. pragma solidity ^0.4.24;
   
2. library SafeMath {  /**
   
3.   * @dev Multiplies two numbers, throws on overflow.
   
4.   */
   
5.   function mul(uint256 _a, uint256 _b) internal pure returns (uint256 c)
   
6. {    if (_a == 0) {      return 0;
   
7.     }
   
8.     c = _a * _b;
   
9.     assert(c / _a == _b);    return c;
   
10.   }  /**
    
11.   * Integer division of two numbers, truncating the quotient.
    
12.   */
    
13.   function div(uint256 _a, uint256 _b) internal pure returns (uint256) {    return _a / _b;
    
14.   }  /**
    
15.   * Subtracts two numbers, throws on overflow (i.e. if subtrahend is greater than minuend).
    
16.   */
    
17.   function sub(uint256 _a, uint256 _b) internal pure returns (uint256) {
    
18.     assert(_b = _a);    return c;
    
19.   }
    
20. }
    
21. contract ERC20 {
    
22.   uint256 public totalSupply;  function balanceOf(address _who)
    
23.   public view returns (uint256);
    
24.    function allowance(address _owner, address _spender) public view returns (uint256);
    
25.     function transfer(address _to, uint256 _value) public returns (bool);  
    
26.   function approve(address _spender, uint256 _value) public returns (bool);  
    
27.     function transferFrom(address _from, address _to, uint256 _value) public returns (bool);  
    
28.     event Transfer( address indexed from, address indexed to,  uint256 value);
    
29.      event Approval(address indexed owner, address indexed spender, uint256 value);  
    
30.   event Burn(address indexed from, uint256 value);
    
31. }contract StandardToken is ERC20 {
    
32.   using SafeMath for uint256;
    
33.   mapping(address => uint256) balances;
    
34.   mapping (address => mapping (address => uint256)) internal allowed;  /**
    
35.   * Gets the balance of the specified address.
    
36.   * @param _owner The address to query the the balance of.
    
37.   * @return An uint256 representing the amount owned by the passed address.
    
38.   */
    
39.   function balanceOf(address _owner) public view returns (uint256)
    
40.      {    return balances[_owner];
    
41.   }  /**
    
42.    *  Function to check the amount of tokens that an owner allowed to a spender.
    
43.    * @param _owner address The address which owns the funds.
    
44.    * @param _spender address The address which will spend the funds.
    
45.    * @return A uint256 specifying the amount of tokens still available for the spender.
    
46.    */
    
47.   function allowance(address _owner, address _spender) public view returns
    
48.       (uint256){    return allowed[_owner][_spender];
    
49.   }  /**
    
50.   * Transfer token for a specified address
    
51.   * @param _to The address to transfer to.
    
52.   * @param _value The amount to be transferred.
    
53.   */
    
54.   function transfer(address _to, uint256 _value) public returns
    
55.       (bool) {    require(_value = oldValue) {
    
56.       allowed[msg.sender][_spender] = 0;
    
57.     } else {
    
58.       allowed[msg.sender][_spender] = oldValue.sub(_subtractedValue);
    
59.     }
    
60.     emit Approval(msg.sender, _spender, allowed[msg.sender][_spender]);    return true;
    
61.   }  
    
62.    /**
    
63.      * Destroy tokens
    
64.      *
    
65.      * Remove `_value` tokens from the system irreversibly
    
66.      *
    
67.      * @param _value the amount of money to burn
    
68.      */
    
69.     function burn(uint256 _value) public returns (bool success)
    
70.           {        require(balances[msg.sender] >= _value);   
    
71.         balances[msg.sender] = balances[msg.sender].sub(_value);         
    
72.         totalSupply = totalSupply.sub(_value);                     
    
73.         emit Burn(msg.sender, _value);        return true;
    
74.     }    /**
    
75.      * Destroy tokens from other account
    
76.      *
    
77.      * Remove `_value` tokens from the system irreversibly on behalf of `_from`.
    
78.      *
    
79.      * @param _from the address of the sender
    
80.      * @param _value the amount of money to burn
    
81.      */
    
82.     function burnFrom(address _from, uint256 _value) public returns (bool success)
    
83.           {        require(balances[_from] >= _value);               
    
84.         require(_value

Copy the Code

这些代码是什么意思呢？
一、ERC20（EIP-20）说明
ERC20是一个标准的token接口规范：A standard interface for tokens
该接口的官网说明在下面的链接：https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20.md
我们来简单介绍下这个接口规范，规范里面定义了9个方法和2个事件
9个方法包括：
返回token的名字
function name() view returns (string name)
返回token的代码
function symbol() view returns (string symbol)
返回token的小数点位数
function decimals() view returns (uint8 decimals)
返回供应总量
unction totalSupply() view returns (uint256 totalSupply)
查询某个地址的余额
function balanceOf(address _owner) view returns (uint256 balance)
给某个地址转账，如果余额不足，该方法必须抛出异常而不是返回false
function transfer(address _to, uint256 _value) returns (bool success)
从from地址转账到to地址，该方法用于委托给其他合约代理你转账
function transferFrom(address _from, address _to, uint256 _value) returns (bool success)
允许多次从您的帐户委托到_spender地址，最高_value金额。如果再次调用此函数，则会覆盖当前允许值_value
function approve(address _spender, uint256 _value) returns (bool success)
返回_spender仍允许退出的金额_owner
function allowance(address _owner, address _spender) view returns (uint256 remaining)
2个事件包括：
转移令牌时必须触发，包括零值转移，注意：创建新token的合约应该触发Transfer事件，即从_from地址设置为0x0创建token的时候
event Transfer(address indexed _from, address indexed _to, uint256 _value)
委托转账必须触发
event Approval(address indexed _owner, address indexed _spender, uint256 _value)


二、代码解释

代码包括几部分：

安全的数学计算库

contract类 ERC20，主要针对ERC20规范定义方法和事件

contract类StandardToken继承ERC20，定义具体的方法实现

contract 类MyTokenERC20集成StandardToken，定义名词，代号，总供应量和创建token