OpenZeppelin Blog

New Tools to Securely Manage Smart Contract Upgrades - OpenZeppelin blog

Written by OpenZeppelin | August 18, 2020

We are excited to announce that we have partnered with Truffle, Nomic Labs (buidler) and Gnosis Safe to release two plugins and a new app to securely deploy and manage upgradeable smart contracts. Please read the full press release below.

OpenZeppelin has released a new set of tools in partnership with Truffle, Nomic Labs and Gnosis Safe to make it easy to deploy and manage upgradeable smart contracts. Upgradeable smart contracts have become an important innovation in the Ethereum space, allowing developers to upgrade or modify their code to fix bugs or add additional features. The new tools include a multi-sig app on the Gnosis Safe platform that enables teams to collectively manage the upgrades process, and plugins that make it easy for developers to deploy OpenZeppelin’s contracts through Truffle and Nomic Labs’ buidler, the most widely used platforms for deploying smart contracts. All three tools went live today and are available for developers to use.

“We are excited to work with the Gnosis, Truffle and Nomic Labs teams to expand the options that developers have to securely deploy upgradeable smart contracts,” said Jonathan Alexander, CTO of OpenZeppelin. “The blockchain space is developing quickly, and our goal is to make sure that it develops securely. By adding secure upgrade support in leading tools we hope to help move the industry forward.”

As of today, teams can access the multi-sig app on the Gnosis Safe platform. Using the app, development teams now have a simple interface to upgrade a contract and designate specific wallets that must sign off on the upgrade before it goes live. Multi-sig functionality is critical to the security operations of any project, enabling teams to require the signoff from all responsible stakeholders before the upgrade is able to go live. This feature is especially important with regards to upgradeable smart contracts as the person who controls the upgradeable contract keys has the power to make changes that could impact user funds.

In addition to utilizing the Gnosis Safe app, developers can now seamlessly deploy upgradeable contracts from OpenZeppelin’s audited smart contract library using plugins for Truffle and Nomic Labs’ buidler developer tools. These plugins are a major bridge between OpenZeppelin’s upgradeable smart contracts libraries and the most popular tools that Ethereum developers use to deploy contracts. With these plugins, developers can now seamlessly create and deploy upgradeable contracts from the OpenZeppelin library from within the Truffle and buidler platforms, streamlining the development process and adding a level of security for the end user. The full technical details for utilizing the plugins can be found at OpenZeppelin Upgrades.

“For years OpenZeppelin has provided a best-in-class collection of smart contracts for everything from token implementations to upgradeability, and they’ve been a huge name in smart contract security. It’s been an honor to work with them and we’re thrilled to announce this collaboration,” said G. Nicholas D’Andrea, Head of Engineering for Truffle.

“Our team has been working hard to unlock productivity in the Ethereum ecosystem by improving the platform’s developer experience” said Franco Zeoli, Co-founder and CEO of Nomic Labs. “Our partnership with OpenZeppelin and the integration of the plugin is an exciting expansion of the Buidler ecosystem that is available for developers. We look forward to working more with the OpenZeppelin team to safely grow the Ethereum ecosystem together in the future.”