Nothing found.

Latest stories

A Year of Research at OpenZeppelin

It's been a busy 2019 for our dearest Research team. These are the main highlights of the year!.

Read More

Deep dive into the Minimal Proxy contract

In this deep dive into low-level EVM code, you will learn how to code a Minimal Proxy (EIP 1167) from scratch, no…

Read More

Bounties Network Review Summary

We take a look at Bounties Network implementation of MetaTransactions and find two medium severity issues.

Read More

Our most popular audit reports

Nothing found.

SEE ALL >
More stories

OpenBazaar’s Escrow Audit

The OpenBazaar team asked us to review and audit their Escrow contract, one of several in their framework. We looked at the code and now publish our results.

Getting started with OpenZeppelin-eth

These are great times for smart contract development. The pieces for Ethereum 2.0 are coming together, and new tools and practices are blooming.

Announcing OpenZeppelin 2.0

A stable, audited, and fully tested package for smart contract development

Open source collaboration in the blockchain era: EVM packages

Smart contract development is still in its early days. We’re all still trying to figure out what it will look like and how to polish the developer experience.

The Global Coordination Machine

Few applications need blockchains. Distributed consensus makes each computational step very expensive. Only apps for which users are willing to pay such a cost will make sense in the new…

Deconstructing a Solidity Contract — Part VI: The Metadata Hash

In the last article, we noticed that the runtime bytecode generated by the Solidity compiler appends a strange structure after the function bodies block. You can see this in the deconstruction…

Deconstructing a Solidity Contract — Part V: Function Bodies

The function body is precisely what the function wrappers detour to, after unpacking the incoming calldata. By the time a function body is executed, the function’s arguments should be sitting…

Deconstructing a Solidity Contract — Part IV: Function Wrappers

In the last article, we saw how the function selector acts as a hub or a switch of sorts in our BasicToken.sol contract. It sits at the entry point of a contract and redirects execution to the…

Transaction Permission Layer Protocol v1.0

The Transaction Permission Layer protocol (TPL) is a method for assigning metadata (herein referred to as “attributes”) to Ethereum addresses. These attributes then form the basis for designing…

Compliant Decentralization?: Exploring an Approach to Utility Token Distribution

William Hinman’s recent statements at the Yahoo Finance All Markets Summit provide some guidance for token projects intending to sell tokens as non-securities in the United States.

More stories

OpenBazaar’s Escrow Audit

The OpenBazaar team asked us to review and audit their Escrow contract, one of several in their framework. We looked at the code and now publish our results.

Getting started with OpenZeppelin-eth

These are great times for smart contract development. The pieces for Ethereum 2.0 are coming together, and new tools and practices are blooming.

Announcing OpenZeppelin 2.0

A stable, audited, and fully tested package for smart contract development

Open source collaboration in the blockchain era: EVM packages

Smart contract development is still in its early days. We’re all still trying to figure out what it will look like and how to polish the developer experience.

The Global Coordination Machine

Few applications need blockchains. Distributed consensus makes each computational step very expensive. Only apps for which users are willing to pay such a cost will make sense in the new…

Deconstructing a Solidity Contract — Part VI: The Metadata Hash

In the last article, we noticed that the runtime bytecode generated by the Solidity compiler appends a strange structure after the function bodies block. You can see this in the deconstruction…

Deconstructing a Solidity Contract — Part V: Function Bodies

The function body is precisely what the function wrappers detour to, after unpacking the incoming calldata. By the time a function body is executed, the function’s arguments should be sitting…

Deconstructing a Solidity Contract — Part IV: Function Wrappers

In the last article, we saw how the function selector acts as a hub or a switch of sorts in our BasicToken.sol contract. It sits at the entry point of a contract and redirects execution to the…

Transaction Permission Layer Protocol v1.0

The Transaction Permission Layer protocol (TPL) is a method for assigning metadata (herein referred to as “attributes”) to Ethereum addresses. These attributes then form the basis for designing…

Compliant Decentralization?: Exploring an Approach to Utility Token Distribution

William Hinman’s recent statements at the Yahoo Finance All Markets Summit provide some guidance for token projects intending to sell tokens as non-securities in the United States.