Nothing found.
Latest stories
Augur Core v2 Audit: Components
The Augur team asked us to review and audit a number of components of the Augur Core v2 project. We looked at the code…
Augur Core v2 Audit
The Augur team asked us to review and audit their Augur Core v2 project. We looked at the code and now publish our…
Compound Alpha Governance System Audit
In this audit, we looked into Compound's alpha version of their governance system and its associated COMP token.
More stories
A Year of Research at OpenZeppelin
It's been a busy 2019 for our dearest Research team. These are the main highlights of the year!.
Deep dive into the Minimal Proxy contract
In this deep dive into low-level EVM code, you will learn how to code a Minimal Proxy (EIP 1167) from scratch, no Solidity involved. Finally, we see how to easily deploy the proxy using…
Bounties Network Review Summary
We take a look at Bounties Network implementation of MetaTransactions and find two medium severity issues.
Changing the feedback experience using positive psychology
One of the topics we focused on at OpenZeppelin this year was feedback. We feel that giving and receiving feedback is part of a healthy culture and we want to make sure that we are adding value while…
Reentrancy After Istanbul
How to protect your contracts against reentrancy after Ethereum’s Istanbul hard fork.
Compound Finance – Timelock Audit
The Compound team asked us to audit a patch of their smart contract code. We examined the code and now present our findings.
Microsoft integrates OpenZeppelin Contracts into Microsoft Azure
We are excited to collaborate with Microsoft and announce the launch of the OpenZeppelin Audited Smart Contract library as part of the Microsoft Azure Blockchain Development Kit VSCode plugin!
InstaDApp Audit Summary
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. Here is a summary of our findings.
InstaDApp Audit
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. We examined the code and now publish our results.
Libra’s Move IR Compiler Vulnerability: Technical Description
We describe a vulnerability in the Move IR compiler whereby inline comments can be disguised as executable code.
More stories
A Year of Research at OpenZeppelin
It's been a busy 2019 for our dearest Research team. These are the main highlights of the year!.
Deep dive into the Minimal Proxy contract
In this deep dive into low-level EVM code, you will learn how to code a Minimal Proxy (EIP 1167) from scratch, no Solidity involved. Finally, we see how to easily deploy the proxy using…
Bounties Network Review Summary
We take a look at Bounties Network implementation of MetaTransactions and find two medium severity issues.
Changing the feedback experience using positive psychology
One of the topics we focused on at OpenZeppelin this year was feedback. We feel that giving and receiving feedback is part of a healthy culture and we want to make sure that we are adding value while…
Reentrancy After Istanbul
How to protect your contracts against reentrancy after Ethereum’s Istanbul hard fork.
Compound Finance – Timelock Audit
The Compound team asked us to audit a patch of their smart contract code. We examined the code and now present our findings.
Microsoft integrates OpenZeppelin Contracts into Microsoft Azure
We are excited to collaborate with Microsoft and announce the launch of the OpenZeppelin Audited Smart Contract library as part of the Microsoft Azure Blockchain Development Kit VSCode plugin!
InstaDApp Audit Summary
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. Here is a summary of our findings.
InstaDApp Audit
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. We examined the code and now publish our results.
Libra’s Move IR Compiler Vulnerability: Technical Description
We describe a vulnerability in the Move IR compiler whereby inline comments can be disguised as executable code.