OpenZeppelin: a New Standard for Secure Blockchain Applications

Blockchain technology holds the great promise of enabling decentralized protocols, applications and organizations. Much of this enthusiasm is driven by Bitcoin and Ethereum, the main software platforms where these are built.

Yet, we’ve seen $60m+ lost to hacks of blockchain-based projects in the past 6 months. Recent scandals have exposed the high risks and the challenge every project faces: how to write simple and secure code that deals with real money.

Still, there are no widely adopted security standards or best practices for projects to follow. There are no tools for developers to easily create, test, verify and audit smart contracts, and do so collaboratively.

We believe that the only way to make this happen is for existing and emerging projects to cooperate and build them.

Enter OpenZeppelin

OpenZeppelin is an open-source framework to build secure smart contracts. It’s meant to provide secure, tested and audited code to enable the new generation of distributed applications, protocols and organizations. OpenZeppelin is a community effort to reduce the hurdle to develop and use them.

Today we are publishing a framework proposal and development roadmap for OpenZeppelin. Feel free to comment and give us feedback.

At Zeppelin Solutions, we believe in an open financial and economic system for the world. We’ve been working on using blockchain technology to improve the experience of creating and running businesses. We plan to use OpenZeppelin as the core technology to achieve this vision.

Any organization can be modeled as a set of contracts and rules that define interactions, rights and obligations between parties. With OpenZeppelin, we aim to model simple business rules with code, turning basic components of an organization into software:

  • Cap table becomes a token management contract
  • Cashflow becomes a fund management contract
  • Payroll becomes a payout contract to operators for their contribution to the organization
  • Invoicing (income generation)
  • Procurement (payouts to suppliers)
  • Assets (possessions)
  • Liabilities (obligations)

In the following months we will be exploring new use cases and business models that would be impossible to accomplish using traditional corporations. For example, we plan to create an organization that automatically assigns tokens to developers based on the number of commits and pull requests they contributed to the project.

OpenZeppelin is open-source and MIT licensed. The Zeppelin Solutions team will be an important part of the OpenZeppelin community. We’ll make use of our 4+ years of experience working with smart contracts, having built applications (Proof of Existence, Streamium) and libraries (Bitcore) in the blockchain space. We plan to make money by offering services and security audits to users of the framework.

OpenZeppelin is designed for easy collaboration and auditing. If you are working with or interested in smart contracts and blockchain technology, we invite:

  • Developers to explore the source code and build distributed apps and organizations with it.
  • Security researchers to explore the source code, give us feedback and report any vulnerabilities.
  • Entrepreneurs to get in touch to enhance your project’s security by using OpenZeppelin.