Early last month, the team at OpenZepplin announced their first release candidate ‘OpenZepplin 2.0 RC1’. Yesterday, the team released a completely stable, audited, and fully tested package of this framework.
OpenZeppelin is an open-source framework to build secure smart contracts for Ethereum and other EVM and eWASM blockchains. This framework provides well tested and audited code to secure blockchain-based projects. It caters to a new generation of distributed applications, protocols and organizations to counter the high risks and challenges faced while writing simple and secure code that deals with real money.
One of the major updates of this release is that OpenZeppelin 2.0 now comes with a stable API to deliver reliable updates. The previous releases of OpenZeppelin have almost always encountered a change in its API. This has helped the team come up with multiple ideas for the framework. The experimental contracts in the drafts/ subdirectory can, however, experience changes in their minor versions. With the growing size and complexity of smart contract systems, developers can use this framework as a predictable interface to design vulnerability free contracts.
The team plans to release more information on the Stable API in the following weeks.
The team has been improving the OpenZeppelin’s test suite over time. OpenZeppelin 2.0 now has 100% test coverage. Every line of code in the package is now automatically tested.
LevelK team audited the OpenZeppelin 2.0.0 Release Candidate and found some severe issues. They then went on to suggest many improvements which helped fix almost all the issues and notes reported. Users are requested to check out the LevelK Audit - OpenZeppelin 2.0 project for all the details. The audit has helped the team secure the code further and help future developers easily deploy these contracts as they are intended to be used.
In addition to a stable API and an improved test suite, the version update comes with new concepts and designs along with many renames and restructures. These include changes like Ownable contracts moving to a role based access . Derived contracts cannot access state variables directly- as they are now private - use of getters is important. This was done to increase encapsulation. The team has also removed a few contracts that are not secure enough. For instance: LimitBalance, HasNoEther, HasNoTokens, HasNoContracts, NoOwner, Destructible, TokenDestructible, and CanReclaimToken stand removed.
You can check all of these upgrades as well as the entire changelog at Github. Alternatively, head over to their blog for more insights on this release.
Ethereum Blockchain dataset now available in BigQuery for smart contract analytics
Will Ethereum eclipse Bitcoin?
The trouble with Smart Contracts