News

Due to the new built-in overflow checks in Solidity 0.8, which mark the end of the `SafeMath` era, this release of OpenZeppelin Contracts is a new major version of the library.

Today we are announcing the release of a new app, called Sentinels, to help prevent ongoing attacks and exploits in the DeFi space. The app is part of the OpenZeppelin Defender platform, a security operations suite for Ethereum already being used by leading DeFi and NFT teams such as Opyn, Synthetix, TheGraph, PoolTogether, Yearn.Finance, Foundation Labs, and dYdX.

We are excited to bring you many new Defender features this month that add powerful functionality to your security operations - all fully included in your Defender account. We built Defender to provide you with a comprehensive platform to automate your smart contract operations, and with these updates you will be able to ship products faster than ever before with built-in security.

OpenZeppelin Contracts 3.4 includes an ERC777 security fix for potential reentrancy issues in custom ERC777 extension, virtual view functions, ERC20 permit in drafts, Beacon proxy, and a Minimal Proxy (Clones) library.

Ship faster with lower risk. Automate your Ethereum operations to deliver high-quality products faster with less risk to users.

The State of Smart Contract Upgrades - 2020 edition
A survey of the different Ethereum smart contract upgrade patterns and strategies from a technical viewpoint, plus a set of good practices and recommendations for upgrades management and governance.

We have partnered with Truffle, Nomic Labs (buidler) and Gnosis Safe to release two plugins and a new app to securely deploy and manage upgradeable smart contracts.

We are releasing two new packages to deploy and manage upgradeable contracts from Buidler and Truffle! With them, you can easily and securely leverage the full flexibility of contract upgrades directly from your Buidler scripts or Truffle migrations.

We are rolling out a Gnosis Safe App for managing proxy-based smart contract upgrades! This allows you to transfer ownership of a proxy or proxy-admin to a Gnosis Safe, and use the app to directly propose an upgrade.

A high-severity vulnerability in the Argent wallet would have allowed attackers to take over wallets with no guardians. User action would have been needed to prevent the takeover attack in less than 36 hours, which then would have opened an alternative Denial of Service (DoS) attack vector with potential to indefinitely freeze their funds.