OpenZeppelin
OpenZeppelin is an open-source platform for building dApps by providing secure, tested smart contracts and security audits in order to support decentralized applications, protocols, and organizations.[2][3] As of September 2022, OpenZeppelin powers over 3,000 public projects with its products.[13][26]
OpenZeppelin went live in 2016 as a smart contract development framework for the Ethereum Virtual Machine EVM focused on security, modularity, and code reusability. The project was established by Zeppelin Solutions with an aim to bring the community together and share efforts in developing new security standards for smart contracts.[16]
On October 22, 2018, OpenZeppelin announced the release of OpenZeppelin 2.0 which brought in additional features to the platform including a Stable API, 100% test coverage, and Full Independent Audit.[14]
On March 24, 2022, OpenZeppelin partnered with ANZ Bank to launch the first bank-issued stablecoin, the A$DC token ("A dollar DC"), which was fixed at a 1:1 ratio with the Australian Dollar. By using A$DC, ANZ clients were able to send A$30 million to digital asset fund managers in less than 10 minutes without costly intermediary conversions.[15]
Overview
OpenZeppelin is a crypto cybersecurity technology and services company that provides an open-source framework for developing secure smart contracts as well as comprehensive security audits for some of the largest DeFi and NFT projects. Their clients include notable projects such as the Ethereum Foundation, Coinbase, and Brave.[13][17][25]
OpenZeppelin - Explained
Founded in 2016 by Zeppelin Solutions, a technology company focused on improving blockchain technology, security, and infrastructure, OpenZeppelin was created with a vision to provide tools for developers to easily create, test, verify and audit smart contracts thus “protecting the open economy.” Since its launch, the platform has brought greater security to the DeFi ecosystem by providing smart contract developers with a library of security tools that allows them to focus more on deployment and less on security, allowing for faster launches and greater reliability.[18]
OpenZeppelin’s CEO, Demian Brener, in an interview with Bankless spoke about the platform's aim, he said:
Trust minimization narrows down the pieces that we are trusting and can’t see. We can see the code executed on-chain. But even with the most trust minimized DeFi platforms, what things do we still have to trust? The best way to scale DeFi is to get to a place of massive trust minimization.[17]
OpenZeppelin has continually implemented new features and built partnerships in order to boost its efficiency and security for blockchain projects. On July 16, 2021, OpenZeppelin Subgraphs was introduced into the platform. This was developed by integrating The Graph Subgraphs into OpenZeppelin's Contracts. This has simplified designing efficient subgraphs in building decentralized apps.[19]
On August 17, 2021, the team announced the release of their governance system OpenZeppelin Governor, which is now used in their open-source smart contract library and in Defender. It was developed in collaboration with Compound and offers a full-featured user interface experience for proposers and stakeholders.[20]
Products
OpenZeppelin Contracts
OpenZeppelin's Contracts is a library of secure smart contracts for Ethereum and other blockchains that are freely available for developers. These open-source smart contracts are written in Solidity language and use ERC standards for Ethereum-based tokens. In an effort to minimize the cyber risks associated with developing secure smart contracts on Ethereum or other blockchains, OpenZeppelin Contracts are continually audited and tested.[24]
OpenZeppelin Defender
Launched in October 2020, OpenZeppelin Defender is one of OpenZeppelin’s web applications that offer operations for Ethereum projects to securely automate their smart contract operations, speeding up development and minimizing risk. OpenZeppelin Defender was developed in collaboration with Compound Labs, Aave, dYdX, PoolTogether, Balancer, Foundation Labs, and some other leading teams.[21]
Additionally, OpenZeppelin Defender gives developers access to a user-friendly UI and the required infrastructure for sending their transactions and creating automated scripts. As of September 2022, OpenZeppelin has built up an impressive library for developing smart contracts that power over 3,000 public projects.[21]
Tech
Some of OpenZeppelin’s built-in functionalities include:[22]
- Access Control: Developers may easily set essentially who is permitted to do what in their system using OpenZeppelin's access control. Any project's security depends on this infrastructure because a failure might allow a system to be successfully stolen. Any project's security depends on this infrastructure because a failure might allow a system to be successfully stolen. Both simple single-administrator ownership and flexible Role-Based Access Control capability are offered by OpenZepplin Contracts. Developers can securely designate who can issue tokens, cast votes on proposals, halt transfers, and do other protected operations using these functionalities.
- Governance: OpenZeppelin’s Governor offers a ready-to-use governance protocol. For truly decentralized protocols, on-chain governance is a requirement, and it has become a key element for many. Important decisions like parameter adjusting, smart contract upgrades, integrations with other protocols, treasury administration, grants, etc. can be made by the community. Since OpenZeeplin's Contracts are so flexible, updates may frequently be made without a hard fork by adding new modules using Solidity inheritance.
- Tokens: OpenZeppelin has token contracts for many of the most common Ethereum standards, such as ERC20 and ERC721. Developers can deploy their own tokens using this infrastructure, along with many additional features like price monitoring, specified token transfer methods, purchase authentication, etc. The OpenZeppelin Contracts Wizard, an online interactive generator to bootstrap contracts is supported by three ERC standards:
- ERC20 – A fungible token standard that follows EIP-20, such as fiat currencies.
- ERC721 – an NFT token standard that follows EIP-721.
- ERC1155 – Represents both fungible and non-fungible tokens. It is known as a multi-token contract and follows EIP-1155.[23]
Use Cases
Payments
If there are developers creating dApps with numerous beneficiaries, they can distribute the revenue from their dApp purchases to various parties by using the OpenZeppelin "paymentSplitter" contract.[17]
Gas Station Network
This contract enables developers to create dApps that let them make payments on behalf of users. Users don't need to have ETH in their wallets with this approach because developers get to pay for them.
Calculations
“SafeMath” is a useful OpenZeppelin contract that helps make precise and accurate calculations. When writing Solidity code, this library is extremely helpful for preventing operation overflow. The circumstance arises when the value of a particular arithmetic operation is outside the permitted range.
Ownership
“Ownable” is another OpenZeppelin contract that allows developers to specify ownership within contracts. Executing this contract would aid certain entities in acquiring certain capabilities. Developers can transfer ownership from one account to another by using extensions for the base contract. Attributable to another extension to this contract, developers can also abandon the previous ownership.[17]
Projects
Contracts
Some projects building with Openzeppelin contracts include:[1]
- Decentraland: the first decentralized metaverse that is built, governed, and owned by its users.
- dYdX: a leading decentralized exchange that currently supports perpetual trading.
- Gnosis: a prediction market forecasting platform where users buy shares in the outcome of events.
- Ocean Protocol: an ecosystem for sharing data and associated services.
- Aztec Protocol: an Ethereum trading protocol that enables private transactions across the blockchain.
Defender
Some projects that deploy the security of OpenZeppelin Defender include:
- Balancer: an Ethereum-based automated market maker exchange protocol.
- OPYN: a DeFi options protocol that allows users to buy, sell, and create options on ERC-20s
- Compound: a DeFi project that enables users to take out loans via smart contracts.
- Foundation: an NFT Marketplace where creators mint and auction their digital artworks as NFTs.
- Pool Together: a no-loss, audited savings game powered by blockchain technology.
- AAVE: a DeFi lending protocol that allows users to borrow a wide range of cryptocurrencies.
Collaborations
OpenZeppelin x Microsoft
On October 29, 2019, OpenZeppelin collaborated with Microsoft and announced the launch of the OpenZeppelin Audited Smart Contract library as part of the Microsoft Azure Blockchain Development Kit VSCode plugin. The partnership increases the security of Solidity smart contract-based projects and makes OpenZeppelin's Contracts library available to users worldwide.[12]
The Microsoft Azure VSCode plugin will aid in creating secure, simpler-to-audit code through write-protected and integrity-checked imports for projects seeking to utilize OpenZeppelin's security auditing services. Smart contract developers building with Microsoft’s VSCode will also benefit by securely integrating OpenZeppelin Contracts into their code base.[12]
OpenZeppelin x Moonbeam
On June 4, 2021, OpenZeppelin announced its integration with Moonbeam, the Ethereum-compatible smart contract platform on Polkadot. The integration provides Moonbeam developers of all levels with the ability to easily create, manage, and deploy smart contracts using the full set of OpenZeppelin tools, including their contract wizard. The Moonbeam DeFi ecosystem will have the ability to quickly expand to include a rich range of local assets by making it even simpler to design and deploy smart contracts and tokens.[4]
OpenZeppelin x Chainlink
On June 25, 2021, OpenZeppelin announced that it has integrated support for the Chainlink Keepers Open Beta directly within the OpenZeppelin Defender platform—the leading security operations suite for Ethereum and EVM-based chains. Chainlink Keepers offers strong uptime guarantees on the automation of crucial smart contract functions, many of which are time-sensitive.[11]
OpenZeppelin x Chainlink
The integration will allow for Smart contract development teams to register and manage Chainlink Keeper Jobs directly within the OpenZepllin Defender platform as a way to outsource contract operations to a decentralized network of professional DevOps for critical functions such as harvesting, liquidations, rebasing, and more. This will enable teams to manage high-value smart contract systems without having to worry about centralized points of failure or poorly compensated processes.
Partnerships
OpenZeppelin has an extensive list of partnerships, including:
Team
Some of the Team members include:[10]