San Francisco, August 29th, 2023, — OpenZeppelin, a leading provider of blockchain security solutions, today announces the new 2.0 version of Defender, the mission-critical developer security platform, designed for coding, auditing, deploying, monitoring, and confidently operating blockchain applications — a crucial factor within an industry comprising over 23,000 monthly active developers.
Developers from top crypto protocols, such as Compound Finance and Matter Labs already use Defender for ongoing monitoring of threats and automation of community governance proposals, and institutions, such as ANZ, the largest institutional bank in Australia utilized Defender to launch A$DC, the first bank-issued stablecoin in compliance with evolving regulations.
Resulting from 7 years of developing and auditing over 370 of the world’s most popular smart contracts, Defender 2.0 greatly builds on this success, enabling development and security teams to improve security at each stage of the development process.
The release of Defender 2.0 comes at a critical juncture in the blockchain sector’s maturity. Research from the Bank of America suggests asset tokenization could reach $16tn in value in the next 15 years.
Simultaneously, over 130 countries — representing 98 percent of global GDP — are exploring a central bank digital currency (CBDC). With these developments relying heavily on nascent blockchain technology and smart contracts, in particular, it’s critical that security meets the pace of innovation.
Especially as the costs of exploited code in high-risk sectors, like blockchain and cryptocurrencies, continue to rise, July 2023 had losses totaling $486 million recorded. OpenZeppelin has discovered that exploited projects could have dramatically reduced losses by implementing secure development processes, robust operational security, and instant detection and response to incidents. Defender 2.0 makes it easy and fast for developers and operators to prevent and fix security issues pre- and post-deployment.
This holds immense significance, considering an exploited vulnerability within a smart contract deployed by institutions could severely undermine the industry’s credibility, not to mention put funds at risk.
The result is Defender 2.0, which embeds OpenZeppelin’s industry-leading expertise and world-class intelligence across all stages of decentralized projects’ lifecycles. Further, the upgraded Defender platform is designed to bridge the very best from Web2 security practices into the world of Web3.
“Defender 2.0’s ultimate goal is to help developers make their smart contracts as secure as possible at all stages — from development to deployment and production,” said Demian Brener, Founder of OpenZeppelin. “By combining so many unique features in one place, Defender 2.0 reimagines how blockchain builders tackle development, deployment, monitoring, and response — offering a seamless, convenient, and universal solution. By incorporating security early on in the development process, builders will be able to ship faster and more safely.”
OpenZeppelin Defender already supports 30+ mainnet and testnets, including Ethereum, Polygon, Arbitrum, Optimism, Base, and zkSync Era among others. With Defender 2.0 already amassing a number of initial users, including prominent blockchain companies such as Matter Labs, TheGraph and Mean Finance.
Defender 2.0 consists of four major components, each with its own specialized purpose:
- The Code module provides developer-friendly automatic code analysis powered by OpenZeppelin’s machine learning models and state-of-the-art tools. For every push to code on GitHub, the Code module identifies potential vulnerabilities and suggests improvements to enhance the code quality.
- The new Audit module allows developers to easily track issues and resolutions, and interact directly with auditors for faster and more efficient communication. By streamlining the process, auditors can focus their time on finding the most critical bugs, yielding better results for projects. This module also provides teams with actionable recommendations to better prepare for an audit and thus optimize their time and budget.
- The Deploy module provides a series of automated features for a secure smart contract deployment and upgrade processes. It ensures that teams execute the deployment or upgrade in compliance with all security practices to minimize risk while avoiding unnecessary delays and post-deployment surprises. The Deploy module also integrates with Safe app and Fireblocks for multisig and MPC wallet approvals.
- A final Monitor, Respond, and Operate module for instant detection and response is built in, enabling teams to efficiently spot, prevent, and respond to ‘black swan’ events, the nature of which can be catastrophic for users and developers alike. Users are granted full visibility into smart contracts’ risks and behaviors, and are provided with the right tools to react in case of an incident.
Beyond incident detection and remediation, projects can also extend the Defender 2.0 platform with custom code, using the new Actions module to automate workflows for both on-chain and off-chain operations.
Defender 2.0 can also be implemented and extended using OpenZeppelin’s team of world-class security experts, who can work alongside organizations to move through each phase of the development lifecycle including: audits, advisory, threat modeling, system integration, and incident response preparation services.
While Defender 2.0 is already fully operational, the launch is positioned as a beta to emphasize responsible development practices and note ongoing feature enhancements. Initially, OpenZeppelin is inviting selected customers and community projects to begin using the platform.
To explore the benefits of using Defender 2.0 and learn how it can help strengthen your project’s security, please visit: https://www.openzeppelin.com/
