OpenZeppelin Contracts audit status

Elmer · November 29, 2021, 7:45am

Good day,

I want to create a token using the OpenZeppelin ERC20 contract. I've installed the newest version of openzeppelin-contracts and wanted to see if this latest version has been audited. In the repo the latest audit I can find is from 2018 (https://github.com/OpenZeppelin/openzeppelin-contracts/tree/master/audit).

My question is: Are the newer versions of OpenZeppelin contracts audited? Or should I use the old versions that are audited if I want to assure users that all the code is audited?

Thank you

frangio · December 2, 2021, 3:11am

Newer versions of OpenZeppelin Contracts go through our internal review process but not necessarily through formal external audits.

The code is currently undergoing an audit by Certora.

Newer contracts necessarily are less battle tested and have more risk.

In order to assure your users that all the code is audited, you will likely need to hire an audit for your codebase.

Elmer · December 2, 2021, 9:26am

Thank you for the info!

Topic		Replies	Views
Should OpenZeppelin ERC20 Contracts be audited? Security	2	705	August 2, 2023
OpenZeppelin Contracts - Request for Proposals to Audit Announcements	0	2256	May 26, 2021
Audit already written ERC20 token contract Contracts	6	1653	February 15, 2021
Have been ERC777 audited? Contracts erc777	2	1372	June 14, 2021
Audit openzeppelin v4.x Review Wanted erc20	1	505	March 9, 2022

OpenZeppelin Contracts audit status

Related Topics