OpenZeppelin · Amxx · Dec 15, 2025 · Dec 15, 2025 · Dec 15, 2025 · Dec 15, 2025
@@ -143,8 +143,7 @@ abstract contract AccessControl is Context, IAccessControl, ERC165 {
      * purpose is to provide a mechanism for accounts to lose their privileges
      * if they are compromised (such as when a trusted device is misplaced).
      *
-     * If the calling account had been revoked `role`, emits a {RoleRevoked}
-     * event.
+     * Emits a {RoleRevoked} event if the calling account had `role` and this call successfully revoked it.
      *
      * Requirements:
      *

@@ -329,7 +329,7 @@ contract AccessManager is Context, Multicall, IAccessManager {
      * Emits a {RoleAdminChanged} event.
      *
      * NOTE: Setting the admin role as the `PUBLIC_ROLE` is allowed, but it will effectively allow
-     * anyone to set grant or revoke such role.
+     * anyone to grant or revoke such role.
      */
     function _setRoleAdmin(uint64 roleId, uint64 admin) internal virtual {
         if (roleId == ADMIN_ROLE || roleId == PUBLIC_ROLE) {

@@ -15,7 +15,7 @@ import {LowLevelCall} from "../utils/LowLevelCall.sol";
  * Developers must implement the {AbstractSigner-_rawSignatureValidation} function to define the account's validation logic.
  *
  * NOTE: This core account doesn't include any mechanism for performing arbitrary external calls. This is an essential
- * feature that all Account should have. We leave it up to the developers to implement the mechanism of their choice.
+ * feature that all Accounts should have. We leave it up to the developers to implement the mechanism of their choice.
  * Common choices include ERC-6900, ERC-7579 and ERC-7821 (among others).
  *
  * IMPORTANT: Implementing a mechanism to validate signatures is a security-sensitive operation as it may allow an
@@ -104,7 +104,7 @@ abstract contract Account is AbstractSigner, IAccount {
     }
 
     /**
-     * @dev Virtual function that returns the signable hash for a user operations. Since v0.8.0 of the entrypoint,
+     * @dev Virtual function that returns the signable hash for a user operation. Since v0.8.0 of the entrypoint,
      * `userOpHash` is an EIP-712 hash that can be signed directly.
      */
     function _signableUserOpHash(

@@ -175,7 +175,7 @@ library ERC4337Utils {
         //
         // Prior to v0.8.0, this was easy to replicate for any entrypoint and chainId. Since v0.8.0 of the
         // entrypoint, this depends on the Entrypoint's domain separator, which cannot be hardcoded and is complex
-        // to recompute. Domain separator could be fetch using the `getDomainSeparatorV4` getter, or recomputed from
+        // to recompute. Domain separator could be fetched using the `getDomainSeparatorV4` getter, or recomputed from
         // the ERC-5267 getter, but both operation would require doing a view call to the entrypoint. Overall it feels
         // simpler and less error prone to get that functionality from the entrypoint directly.
         return IEntryPointExtra(entrypoint).getUserOpHash(self);

@@ -12,7 +12,7 @@ import {IERC7786Recipient} from "../interfaces/draft-IERC7786.sol";
  * destination gateways. This contract leaves two functions unimplemented:
  *
  * * {_isAuthorizedGateway}, an internal getter used to verify whether an address is recognised by the contract as a
- * valid ERC-7786 destination gateway. One or multiple gateway can be supported. Note that any malicious address for
+ * valid ERC-7786 destination gateway. One or multiple gateways can be supported. Note that any malicious address for
  * which this function returns true would be able to impersonate any account on any other chain sending any message.
  *
  * * {_processMessage}, the internal function that will be called with any message that has been validated.

@@ -17,8 +17,8 @@ import {CrosschainLinked} from "../../CrosschainLinked.sol";
  * This base contract is used by the {BridgeERC1155}, which interfaces with legacy ERC-1155 tokens. It is also used by
  * the {ERC1155Crosschain} extension, which embeds the bridge logic directly in the token contract.
  *
- * This base contract implements the crosschain transfer operation though internal functions. It is for the the "child
- * contracts" that inherit from this to implement the external interfaces and make this functions accessible.
+ * This base contract implements the crosschain transfer operation through internal functions. It is for the "child
+ * contracts" that inherit from this to implement the external interfaces and make these functions accessible.
  */
 abstract contract BridgeMultiToken is Context, CrosschainLinked {
     using InteroperableAddress for bytes;

@@ -8,7 +8,10 @@ This directory includes primitives for financial systems:
 - {VestingWallet} handles the vesting of Ether and ERC-20 tokens for a given beneficiary. Custody of multiple tokens can
   be given to this contract, which will release the token to the beneficiary following a given, customizable, vesting
   schedule.
+- {VestingWalletCliff} is an extension of {VestingWallet} that adds a cliff to the vesting schedule.
 
 == Contracts
 
 {{VestingWallet}}
+
+{{VestingWalletCliff}}
@@ -24,8 +24,9 @@ abstract contract VestingWalletCliff is VestingWallet {
      * constructor) and ends `cliffSeconds` later.
      */
     constructor(uint64 cliffSeconds) {
-        if (cliffSeconds > duration()) {
-            revert InvalidCliffDuration(cliffSeconds, duration().toUint64());
+        uint256 vestingDuration = duration();
+        if (cliffSeconds > vestingDuration) {
+            revert InvalidCliffDuration(cliffSeconds, vestingDuration.toUint64());
         }
         _cliff = start().toUint64() + cliffSeconds;
     }

@@ -7,7 +7,7 @@ This directory includes primitives for on-chain governance.
 
 == Governor
 
-This modular system of Governor contracts allows the deployment on-chain voting protocols similar to https://compound.finance/docs/governance[Compound's Governor Alpha & Bravo] and beyond, through the ability to easily customize multiple aspects of the protocol.
+This modular system of Governor contracts allows the deployment of on-chain voting protocols similar to https://compound.finance/docs/governance[Compound's Governor Alpha & Bravo] and beyond, through the ability to easily customize multiple aspects of the protocol.
 
 [TIP]
 ====
@@ -58,6 +58,8 @@ Other extensions can customize the behavior or interface in multiple ways.
 
 * {GovernorSuperQuorum}: Extension of {Governor} with a super quorum. Proposals that meet the super quorum (and have a majority of for votes) advance to the `Succeeded` state before the proposal deadline.
 
+* {GovernorSequentialProposalId}: An extension of {Governor} that changes the numbering of proposal ids from the default hash-based approach to sequential ids.
+
 In addition to modules and extensions, the core contract requires a few virtual functions to be implemented to your particular specifications:
 
 * <<Governor-votingDelay-,`votingDelay()`>>: Delay (in ERC-6372 clock) since the proposal is submitted until voting power is fixed and voting starts. This can be used to enforce a delay after a proposal is published for users to buy tokens, or delegate their votes.
@@ -108,8 +110,12 @@ NOTE: Functions of the `Governor` contract do not include access control. If you
 
 {{GovernorSuperQuorum}}
 
+{{GovernorSequentialProposalId}}
+
 == Utils
 
+{{IVotes}}
+
 {{Votes}}
 
 {{VotesExtended}}

@@ -14,15 +14,15 @@ import {SafeCast} from "../../utils/math/SafeCast.sol";
  * the admin of the timelock for any operation to be performed. A public, unrestricted,
  * {GovernorTimelockCompound-__acceptAdmin} is available to accept ownership of the timelock.
  *
- * Using this model means the proposal will be operated by the {TimelockController} and not by the {Governor}. Thus,
- * the assets and permissions must be attached to the {TimelockController}. Any asset sent to the {Governor} will be
+ * Using this model means the proposal will be operated by the {ICompoundTimelock} and not by the {Governor}. Thus,
+ * the assets and permissions must be attached to the {ICompoundTimelock}. Any asset sent to the {Governor} will be
  * inaccessible from a proposal, unless executed via {Governor-relay}.
  */
 abstract contract GovernorTimelockCompound is Governor {
     ICompoundTimelock private _timelock;
 
     /**
-     * @dev Emitted when the timelock controller used for proposal execution is modified.
+     * @dev Emitted when the timelock used for proposal execution is modified.
      */
     event TimelockChange(address oldTimelock, address newTimelock);
 

@@ -28,7 +28,7 @@ abstract contract GovernorVotesSuperQuorumFraction is GovernorVotesQuorumFractio
     error GovernorInvalidSuperQuorumFraction(uint256 superQuorumNumerator, uint256 denominator);
 
     /**
-     * @dev The super quorum set is not valid as it is smaller or equal to the quorum.
+     * @dev The super quorum set is not valid as it is smaller than the quorum.
      */
     error GovernorInvalidSuperQuorumTooSmall(uint256 superQuorumNumerator, uint256 quorumNumerator);
 
@@ -41,7 +41,7 @@ abstract contract GovernorVotesSuperQuorumFraction is GovernorVotesQuorumFractio
      * @dev Initialize super quorum as a fraction of the token's total supply.
      *
      * The super quorum is specified as a fraction of the token's total supply and has to
-     * be greater than the quorum.
+     * be greater than or equal to the quorum.
      */
     constructor(uint256 superQuorumNumeratorValue) {
         _updateSuperQuorumNumerator(superQuorumNumeratorValue);

@@ -1,7 +1,7 @@
-// contracts/MyERC115HolderContract.sol
+// contracts/MyERC1155HolderContract.sol
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.20;
 
 import {ERC1155Holder} from "../../../../token/ERC1155/utils/ERC1155Holder.sol";
 
-contract MyERC115HolderContract is ERC1155Holder {}
+contract MyERC1155HolderContract is ERC1155Holder {}
@@ -54,7 +54,7 @@ library ERC1155Utils {
      * on the `to` address. The `operator` is generally the address that initiated the token transfer (i.e. `msg.sender`).
      *
      * The acceptance call is not executed and treated as a no-op if the target address doesn't contain code (i.e. an EOA).
-     * Otherwise, the recipient must implement {IERC1155Receiver-onERC1155Received} and return the acceptance magic value to accept
+     * Otherwise, the recipient must implement {IERC1155Receiver-onERC1155BatchReceived} and return the acceptance magic value to accept
      * the transfer.
      */
     function checkOnERC1155BatchReceived(

@@ -4,14 +4,13 @@
 pragma solidity ^0.8.20;
 
 import {ERC20} from "../ERC20.sol";
-import {Context} from "../../../utils/Context.sol";
 
 /**
  * @dev Extension of {ERC20} that allows token holders to destroy both their own
  * tokens and those that they have an allowance for, in a way that can be
  * recognized off-chain (via event analysis).
  */
-abstract contract ERC20Burnable is Context, ERC20 {
+abstract contract ERC20Burnable is ERC20 {
     /**
      * @dev Destroys a `value` amount of tokens from the caller.
      *
@@ -29,7 +28,7 @@ abstract contract ERC20Burnable is Context, ERC20 {
      *
      * Requirements:
      *
-     * - the caller must have allowance for ``accounts``'s tokens of at least
+     * - the caller must have allowance for `account`'s tokens of at least
      * `value`.
      */
     function burnFrom(address account, uint256 value) public virtual {

@@ -67,7 +67,7 @@ abstract contract ERC20FlashMint is ERC20, IERC3156FlashLender {
 
     /**
      * @dev Returns the fee applied when doing flash loans. By default this
-     * implementation has 0 fees. This function can be overloaded to make
+     * implementation has 0 fees. This function can be overridden to make
      * the flash loan mechanism deflationary.
      * @return The fees applied to the corresponding flash loan.
      */
@@ -78,7 +78,7 @@ abstract contract ERC20FlashMint is ERC20, IERC3156FlashLender {
     /**
      * @dev Returns the receiver address of the flash fee. By default this
      * implementation returns the address(0) which means the fee amount will be burnt.
-     * This function can be overloaded to change the fee receiver.
+     * This function can be overridden to change the fee receiver.
      * @return The address for which the flash fee will be sent to.
      */
     function _flashFeeReceiver() internal view virtual returns (address) {

@@ -261,8 +261,8 @@ library SafeERC20 {
      *
      * @param token The token targeted by the call.
      * @param spender The spender of the tokens
-     * @param value The amount of token to transfer
-     * @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
+     * @param value The amount of token to approve
+     * @param bubble Behavior switch if the approve call reverts: bubble the revert reason or return a false boolean.
      */
     function _safeApprove(IERC20 token, address spender, uint256 value, bool bubble) private returns (bool success) {
         bytes4 selector = IERC20.approve.selector;

@@ -87,7 +87,7 @@ abstract contract ERC721Consecutive is IERC2309, ERC721 {
 
     /**
      * @dev Mint a batch of tokens of length `batchSize` for `to`. Returns the token id of the first token minted in the
-     * batch; if `batchSize` is 0, returns the number of consecutive ids minted so far.
+     * batch; if `batchSize` is 0, returns the next token id to be minted consecutively.
      *
      * Requirements:
      *

@@ -122,7 +122,7 @@ library Create3 {
         return _computeCreateAddress(Create2.computeAddress(salt, PROXY_INITCODE_HASH, deployer));
     }
 
-    /// @dev Compute the address of the first contract that `creator` would deployed using CREATE (nonce 1).
+    /// @dev Compute the address of the first contract that `creator` would deploy using CREATE (nonce 1).
     function _computeCreateAddress(address creator) private pure returns (address addr) {
         assembly ("memory-safe") {
             mstore(0x15, 0x01)

@@ -97,7 +97,7 @@ library Memory {
     /// @dev Extract the data corresponding to a Slice (allocate new memory)
     function toBytes(Slice self) internal pure returns (bytes memory result) {
         uint256 len = length(self);
-        Memory.Pointer ptr = _pointer(self);
+        Pointer ptr = _pointer(self);
         assembly ("memory-safe") {
             result := mload(0x40)
             mstore(result, len)
@@ -108,8 +108,8 @@ library Memory {
 
     /// @dev Returns true if the two slices contain the same data.
     function equal(Slice a, Slice b) internal pure returns (bool result) {
-        Memory.Pointer ptrA = _pointer(a);
-        Memory.Pointer ptrB = _pointer(b);
+        Pointer ptrA = _pointer(a);
+        Pointer ptrB = _pointer(b);
         uint256 lenA = length(a);
         uint256 lenB = length(b);
         assembly ("memory-safe") {
@@ -134,14 +134,14 @@ library Memory {
      * (`slice(Slice,uint256)` and `slice(Slice,uint256, uint256)`) should not cause this issue if the parent slice is
      * correct.
      */
-    function _asSlice(uint256 len, Memory.Pointer ptr) private pure returns (Slice result) {
+    function _asSlice(uint256 len, Pointer ptr) private pure returns (Slice result) {
         assembly ("memory-safe") {
             result := or(shl(128, len), ptr)
         }
     }
 
     /// @dev Returns the memory location of a given slice (equiv to self.offset for calldata slices)
-    function _pointer(Slice self) private pure returns (Memory.Pointer result) {
+    function _pointer(Slice self) private pure returns (Pointer result) {
         assembly ("memory-safe") {
             result := and(self, shr(128, not(0)))
         }

@@ -24,7 +24,7 @@ abstract contract NoncesKeyed is Nonces {
     /**
      * @dev Consumes the next unused nonce for an address and key.
      *
-     * Returns the current value without the key prefix. Consumed nonce is increased, so calling this function twice
+     * Returns the current value with the key prefix (i.e. the packed keyNonce). Consumed nonce is increased, so calling this function twice
      * with the same arguments will return different (sequential) results.
      */
     function _useNonce(address owner, uint192 key) internal virtual returns (uint256) {

@@ -154,7 +154,7 @@ library RLP {
      * @dev Encode an address as an RLP item of fixed size (20 bytes).
      *
      * The address is encoded with its leading zeros (if it has any). If someone wants to encode the address as a scalar,
-     * they can cast it to an uint256 and then call the corresponding {encode} function.
+     * they can cast it to a uint256 and then call the corresponding {encode} function.
      */
     function encode(address input) internal pure returns (bytes memory result) {
         assembly ("memory-safe") {
@@ -166,7 +166,7 @@ library RLP {
     }
 
     /**
-     * @dev Encode an uint256 as an RLP scalar.
+     * @dev Encode a uint256 as an RLP scalar.
      *
      * Unlike {encode-bytes32-}, this function uses scalar encoding that removes the prefix zeros.
      */

@@ -47,7 +47,7 @@ library ShortStrings {
     /**
      * @dev Encode a string of at most 31 chars into a `ShortString`.
      *
-     * This will trigger a `StringTooLong` error is the input string is too long.
+     * This will trigger a `StringTooLong` error if the input string is too long.
      */
     function toShortString(string memory str) internal pure returns (ShortString) {
         bytes memory bstr = bytes(str);

@@ -89,7 +89,7 @@ library P256 {
         bytes32 qy
     ) private view returns (bool valid, bool supported) {
         if (!_isProperSignature(r, s) || !isValidPublicKey(qx, qy)) {
-            return (false, true); // signature is invalid, and its not because the precompile is missing
+            return (false, true); // signature is invalid, and it's not because the precompile is missing
         } else if (_rip7212(h, r, s, qx, qy)) {
             return (true, true); // precompile is present, signature is valid
         } else if (

@@ -61,6 +61,8 @@ A collection of contracts and libraries that implement various signature validat
 
 {{SignerEIP7702}}
 
+{{SignerWebAuthn}}
+
 {{SignerERC7913}}
 
 {{MultiSignerERC7913}}

@@ -15,7 +15,7 @@ import {RLP} from "../RLP.sol";
  * * Transaction against the transactionsRoot of a block.
  * * Event against receiptsRoot of a block.
  * * Account details (RLP encoding of [nonce, balance, storageRoot, codeHash]) against the stateRoot of a block.
- * * Storage slot (RLP encoding of the value) against the storageRoot of a account.
+ * * Storage slot (RLP encoding of the value) against the storageRoot of an account.
  *
  * Proving a storage slot is usually done in 3 steps:
  *
@@ -67,7 +67,7 @@ library TrieProof {
     /// @dev Number of items in leaf or extension nodes (always 2)
     uint256 internal constant LEAF_OR_EXTENSION_NODE_LENGTH = 2;
 
-    /// @dev Verifies a `proof` against a given `key`, `value`, `and root` hash.
+    /// @dev Verifies a `proof` against a given `key`, `value`, and `root` hash.
     function verify(
         bytes memory value,
         bytes32 root,

@@ -162,7 +162,7 @@ library ERC7739Utils {
      * Following ERC-7739 specifications, a `contentsName` is considered invalid if it's empty or it contains
      * any of the following bytes , )\x00
      *
-     * If the `contentsType` is invalid, this returns an empty string. Otherwise, the return string has non-zero
+     * If the `contentsDescr` is invalid, this returns empty strings. Otherwise, the return strings have non-zero
      * length.
      */
     function decodeContentsDescr(

@@ -51,6 +51,6 @@ abstract contract SignerECDSA is AbstractSigner {
         bytes calldata signature
     ) internal view virtual override returns (bool) {
         (address recovered, ECDSA.RecoverError err, ) = ECDSA.tryRecoverCalldata(hash, signature);
-        return signer() == recovered && err == ECDSA.RecoverError.NoError;
+        return err == ECDSA.RecoverError.NoError && signer() == recovered;
     }
 }