Difference between revisions of "OpenZeppelin"

From CryptoWiki

m (1 revision imported)
 
Line 4: Line 4:
* Based in Argentina, the startup makes tools for fast, easy and secure [[smart contract]] development on the [[Ethereum (ETH)|Ethereum]] [[blockchain]].  
* Based in Argentina, the startup makes tools for fast, easy and secure [[smart contract]] development on the [[Ethereum (ETH)|Ethereum]] [[blockchain]].  
* Gave a [https://forum.openzeppelin.com/t/introduction-to-the-flash-loan-pattern-and-its-security-considerations/2331 presentation] (22-2-2020) on ''<nowiki/>'the [[flash loan]] pattern and its security considerations'.''
* Gave a [https://forum.openzeppelin.com/t/introduction-to-the-flash-loan-pattern-and-its-security-considerations/2331 presentation] (22-2-2020) on ''<nowiki/>'the [[flash loan]] pattern and its security considerations'.''
== Audits ==
* Also does security audits. [https://blog.openzeppelin.com/compound-finance-audit-summary/ Here is] one on [[Compound]].
*"''Developers working for startup OpenZeppelin [https://www.coindesk.com/vulnerability-fixed-in-facebook-contract-language-for-libra-cryptocurrency found] vulnerabilities in [[Move]]. “The vulnerability in the Move IR compiler allows malicious actors to introduce executable code to their smart contracts disguised as inline comments,” OpenZeppelin’s CEO [[Demian Brener]] told [[CoinDesk]]. Brener said the code was disclosed to Libra Aug. 6, with the Libra team evaluating and fixing the bug over the following month. As of Sept. 4, the patch was reviewed and confirmed to be fixed by OpenZeppelin."''
* [[ERC777]] had two exploits (19/20-4-2020), on which OpenZepplin [https://blog.openzeppelin.com/exploiting-uniswap-from-reentrancy-to-actual-profit/ published] an exploit on last summer.
* [[Opyn]] had an audit by OpenZeppelin and still got hacked, however it was reported that the exploit [https://cryptobriefing.com/defi-options-protocol-opyn-hacked-371000-lost/ was outside] (5-8-2020) of the audit’s scope.
*Audited the later hacked code ([https://twitter.com/Darrenlautf/status/1417493473385660433/photo/1 20-7-2021]) of [[Saddle]].
== Tech ==
== Tech ==
* Is using [[Infura]], according to their [https://infura.io/ website] (13-4-2020).
* Is using [[Infura]], according to their [https://infura.io/ website] (13-4-2020).
Line 19: Line 26:


''"Decentralized runtime security protocol for smart contracts, incubated by OpenZeppelin. Protocols, [[Decentralised Autonomous Organisation (DAO)|DAOs]], investors and individuals can use Forta to monitor transaction activity and receive alerts on security, financial, operational and governance related events on [[Layer One|Layer 1s]], [[Layer Two|Layer 2s]] and [[Sidechain|sidechains]]."''
''"Decentralized runtime security protocol for smart contracts, incubated by OpenZeppelin. Protocols, [[Decentralised Autonomous Organisation (DAO)|DAOs]], investors and individuals can use Forta to monitor transaction activity and receive alerts on security, financial, operational and governance related events on [[Layer One|Layer 1s]], [[Layer Two|Layer 2s]] and [[Sidechain|sidechains]]."''
== Governance ==
== Upgrades ==
== Audits ==
* Also does security audits. [https://blog.openzeppelin.com/compound-finance-audit-summary/ Here is] one on [[Compound]].
* "''Developers working for startup OpenZeppelin [https://www.coindesk.com/vulnerability-fixed-in-facebook-contract-language-for-libra-cryptocurrency found] vulnerabilities in [[Move]]. “The vulnerability in the Move IR compiler allows malicious actors to introduce executable code to their smart contracts disguised as inline comments,” OpenZeppelin’s CEO [[Demian Brener]] told [[CoinDesk]]. Brener said the code was disclosed to Libra Aug. 6, with the Libra team evaluating and fixing the bug over the following month. As of Sept. 4, the patch was reviewed and confirmed to be fixed by OpenZeppelin."''
* [[ERC777]] had two exploits (19/20-4-2020), on which OpenZepplin [https://blog.openzeppelin.com/exploiting-uniswap-from-reentrancy-to-actual-profit/ published] an exploit on last summer.
* [[Opyn]] had an audit by OpenZeppelin and still got hacked, however it was reported that the exploit [https://cryptobriefing.com/defi-options-protocol-opyn-hacked-371000-lost/ was outside] (5-8-2020) of the audit’s scope.
*Audited the later hacked code ([https://twitter.com/Darrenlautf/status/1417493473385660433/photo/1 20-7-2021]) of [[Saddle]].
== Roadmap ==
== Usage ==
== Usage ==
* Around [https://blog.goodaudience.com/chainlink-the-missing-piece-to-the-god-protocol-fd455dde92ab 95 percent] (1-11-2018) of [[Ethereum (ETH)|Ethereum]] [[smart contracts]] are built on [https://zeppelinos.org/ ZeppelinOS] libraries.
* Around [https://blog.goodaudience.com/chainlink-the-missing-piece-to-the-god-protocol-fd455dde92ab 95 percent] (1-11-2018) of [[Ethereum (ETH)|Ethereum]] [[smart contracts]] are built on [https://zeppelinos.org/ ZeppelinOS] libraries.
Line 40: Line 35:
== Competition ==
== Competition ==
== Pros and Cons ==
== Pros and Cons ==
== Team, investors, Partnerships, etc. ==
== Team, investors, Partners ==


=== Team ===
=== Team ===

Latest revision as of 03:56, 15 August 2022

Basics

Audits

  • Also does security audits. Here is one on Compound.
  • "Developers working for startup OpenZeppelin found vulnerabilities in Move. “The vulnerability in the Move IR compiler allows malicious actors to introduce executable code to their smart contracts disguised as inline comments,” OpenZeppelin’s CEO Demian Brener told CoinDesk. Brener said the code was disclosed to Libra Aug. 6, with the Libra team evaluating and fixing the bug over the following month. As of Sept. 4, the patch was reviewed and confirmed to be fixed by OpenZeppelin."
  • ERC777 had two exploits (19/20-4-2020), on which OpenZepplin published an exploit on last summer.
  • Opyn had an audit by OpenZeppelin and still got hacked, however it was reported that the exploit was outside (5-8-2020) of the audit’s scope.
  • Audited the later hacked code (20-7-2021) of Saddle.

Tech

Their Projects

Defender

"OpenZeppelin Defender allows projects to get products to market faster and minimize security risks by providing a development platform with built-in security best practices."

Forta

"Decentralized runtime security protocol for smart contracts, incubated by OpenZeppelin. Protocols, DAOs, investors and individuals can use Forta to monitor transaction activity and receive alerts on security, financial, operational and governance related events on Layer 1s, Layer 2s and sidechains."

Usage

Clients

Competition

Pros and Cons

Team, investors, Partners

Team

  • Team members are spread across multiple locations, including San Francisco, New York, Buenos Aires, Punta del Este, Melbourne, Milan, Tokyo, Moscow, San José de Costa Rica, and Toronto.
  • Has a sizeable team, but doesn't say anything about each persons position in the company on their website.
  • Demian Brener; CEO
  • Austin Williams; security researcher
  • Received (9-2019) an investment of from Coinbase.

Investors / Funding

Partners