- Aka ZeppelinOS
- Founded: 2015
- Based in Argentina, the startup makes tools for fast, easy and secure smart contract development on the Ethereum blockchain.
- Gave a presentation (22-2-2020) on 'the flash loan pattern and its security considerations'.
- Also does security audits. Here is one on Compound.
- "Developers working for startup OpenZeppelin found vulnerabilities in Move. “The vulnerability in the Move IR compiler allows malicious actors to introduce executable code to their smart contracts disguised as inline comments,” OpenZeppelin’s CEO Demian Brener told CoinDesk. Brener said the code was disclosed to Libra Aug. 6, with the Libra team evaluating and fixing the bug over the following month. As of Sept. 4, the patch was reviewed and confirmed to be fixed by OpenZeppelin."
- ERC777 had two exploits (19/20-4-2020), on which OpenZepplin published an exploit on last summer.
- Opyn had an audit by OpenZeppelin and still got hacked, however it was reported that the exploit was outside (5-8-2020) of the audit’s scope.
- Audited the later hacked code (20-7-2021) of Saddle.
"OpenZeppelin Defender allows projects to get products to market faster and minimize security risks by providing a development platform with built-in security best practices."
- It is free but closed source.
- From their announcement (30-9-2021):
"Decentralized runtime security protocol for smart contracts, incubated by OpenZeppelin. Protocols, DAOs, investors and individuals can use Forta to monitor transaction activity and receive alerts on security, financial, operational and governance related events on Layer 1s, Layer 2s and sidechains."
- As of 7-2019: Brave, Augur, Ethereum Foundation, Coinbase, Compound, OmiseGo, Cosmos, Dfinity, Status, BitGo and ShapeShift, also (15-1-2020) Aave and (16-1-2020) PoolTogether.
- Has worked (12-2-2020) with Authereum (on Augur)
Pros and Cons
Team, investors, Partners
- Team members are spread across multiple locations, including San Francisco, New York, Buenos Aires, Punta del Este, Melbourne, Milan, Tokyo, Moscow, San José de Costa Rica, and Toronto.
- Has a sizeable team, but doesn't say anything about each persons position in the company on their website.
- Demian Brener; CEO
- Austin Williams; security researcher
- Received (9-2019) an investment of from Coinbase.
Investors / Funding
- Started and is funding TPL Protocol
- Is named as part of the MetaCartel ecosystem (as of 1-2020 on the website)
- It partnered with Chainlink to enable its smart contracts to access data—like the current price of Ether and gas, transaction pool size, and average mining block times on the blockchain. “Outsourcing to a veteran oracle provider means that our team can focus on platform development rather than creating the oracle’s infrastructure,” Zeppelin said in a blog post. Announced: December 2017