FEI Post Mortem

On Sunday May 2nd, 2021, the Fei Labs team identified an economic vulnerability that affected the Fei Protocol, which would have allowed an attacker to drain funds from the ETH-FEI Uniswap pool. The team immediately paused the relevant functionality, and no funds were lost. The Fei team reached out to the OpenZeppelin team, and we worked together to ensure a secure fix for the issue was found.

Workshop Recap: Managing Smart Contract Upgrades

Upgradeable contracts allow us to alter a smart contract to fix a bug, add additional features, or simply to change the rules enforced by it. Smart contract upgrades can be managed using OpenZeppelin Defender.

Workshop Recap: Setting Up Access Control for Smart Contracts

Access control—that is, “who is allowed to do this thing”—is incredibly important in the world of smart contracts. The access control of your contract may govern who can mint tokens, vote on proposals, freeze transfers, and many other things. It is therefore critical to understand how you implement it, lest someone else steals your whole system.

Holdefi Audit

Holdefi is a lending platform where users can hold their assets and earn interest or borrow tokens and repay them after a specific period of time. Anyone can supply assets to Holdefi's liquidity pool and immediately begin earning interest.

Admin Accounts and Multisigs

Best practice for securing admin accounts is to use a multisig (short for multi-signature wallet). A multisig is a contract that can execute actions, as long as a predefined number of trusted members agree upon it.

Workshop Recap: Service Monitoring and Emergency Response with Defender

The DeFi space, and recently the NFT space, have continued to see a variety of exploits and even insider attacks resulting in vault losses, unexpected liquidations, and fraudulent token mints. OpenZeppelin Defender can help teams detect these types of attacks and abnormal behavior and automatically respond to quickly mitigate the attack.

Introducing Defender Sentinels – Smart Contract Monitoring & Emergency Response

Today we are announcing the release of a new app, called Sentinels, to help prevent ongoing attacks and exploits in the DeFi space. The app is part of the OpenZeppelin Defender platform, a security operations suite for Ethereum already being used by leading DeFi and NFT teams such as Opyn, Synthetix, TheGraph, PoolTogether, Yearn.Finance, Foundation Labs, and dYdX.

Workshop Recap: Cheap contract deployment through Clones

Clones (minimal proxies) as described in ERC1167, are very small, and cheap to deploy, smart-contracts that delegate all incoming calls to an implementation (template) contract containing the functionality.

Workshop Recap: Gasless MetaTransactions with OpenZeppelin Defender

Gasless MetaTransactions with OpenZeppelin Defender. The workshop covers the following: Intro to MetaTransactions; How to accept meta-txs in a contract using OpenZeppelin Contracts; Relay meta-txs using Defender Autotasks and Relayers; Send meta-txs from your dApp;
You can watch the video, view the slides, try the demo app and setup your own relayer and app using the code from the workshop.

Introducing OpenZeppelin Defender

Ship faster with lower risk. Automate your Ethereum operations to deliver high-quality products faster with less risk to users.