For non-coders, this can be pretty overwhelming. But let me explain it in simple terms.

The image shows the interface or template (as we discussed above) for making a token.

The first function is totalSupply() which gives a number as an output. This number is the total supply of the token.

The second function is balanceOf() which takes the address of an owner as the input and gives the balance of the users as output.

The allowance() function takes in the address of the tokenOwner and the spender and gives as output, the number of tokens allowed to be transferred from a given address by another given address.

The transfer() function simply takes in the address of the receiver and the funds which are to be sent to the account. It then gives a boolean output value which is either true or false. True means that the amount was transferred successfully whereas false means the amount could not be transferred.

Then we have the approve() function. You can approve someone to spend from your account. This function takes the address of the spender along with the coins to be spent as the input and tells whether the transaction was a success or a failure.

Last but not the least, we have the transferFrom() function. It takes in three inputs — the address of the sender, the address of the receiver, as well as the number of tokens to be transferred. It again gives an output to notify the success or the failure of the transfer.

In addition to these 6 mandatory functions, there are 2 events also — Transfer() and Approval().

The Transfer() event produces the details of the transaction which resulted in the movement of tokens from one address to the other, whereas the Approval() event gives the details of the approval of tokens.

These events are triggered when a relevant action, pertaining to the 6 functions above, takes place on the blockchain.

In the image, you can also see three variables at the bottom of the contract. These are optional information such as name, symbols and, decimals, which the token may or may not include.

But why do we need ERC20 Tokens? Why can’t just everyone make their Token Contracts in their own style?

Let us go back to our example of Google Docs. Let us say you with your friends have to submit a report on a particular topic. Now if you all make your reports with a template provided by Docs, the person assessing your report will know exactly where to find the information and what is the structure of the report.

On the other hand, if all of you prepare your reports with different structures, then it will be relatively difficult to assess and evaluate them.

Similarly, while making your own Token Contract in your style is possible, it can have certain disadvantages.

If the code structure of all the tokens is different, then exchanges, wallets, smart contracts and other developers will have to write custom code to communicate with each type of token.

This will take a lot of time which means that for your token to be widely adopted, third parties would need a significant amount of time to change their code to support your token as well.

Who wants that right? With ERC20, as soon as you launch your token, third parties can already support the token as they have support for Ether as well as other ERC20 tokens.

This means your token can instantly be listed on exchanges and users can trade them with their existing wallets. Thus, it establishes interoperability.

The Dark Side of ERC20

So far we have learned about what ERC20 token standard is and how it can make the life of developers easier.

There is a large community of Ethereum developers which one can always take advantage of in case of any difficulty.

The companies wanting to launch their own tokens do not have to go through the long process of making their own blockchain, thus, saving time, effort and money.

Just as there are two sides to every coin, ERC20 Tokens are also not a one-size-fits-all solution.

I would like to mention two main bugs (errors) here — The first one is the batchOverlofw bug and the second one causes Unexpected Money Losses.

The batchOverflow Bug

Simply put, this bug helped attackers to possess a lot of tokens out of nowhere.

It is a ‘classical integer overflow issue.’ Here is a code snippet of the function that was faulty