Welcome to the ZEP private beta! During the upcoming months, we will be releasing new features built on the ZeppelinOS ZEP token, aimed at building a secure ecosystem of shared smart contract code. And we need your help to bootstrap this community!
How the ZEP token works
You can read the in-depth description here, but to make a long story short, different types of users engage in the ZEP token network. EVM package developers share their code on the ecosystem, and vouch for the security of their packages using ZEP. Application developers make use of these packages, and signal their support for the dependencies they use by also vouching ZEP for them. Security researchers review the packages available, and report vulnerabilities to them, reaping a portion of the ZEP staked as a reward.
How to participate
We are really excited to have over 100 participants onboard! Over the course of the following months, we will be building the initial ZEP network. As the beta finishes and we open up the game to the entire community, it will be your packages and contributions spearheading the movement, and acting as a reference for the new people as they join.
At the same time, we are looking for all the feedback we can gather to improve the network. This includes bug reports, feature requests, ideas, discussions, proposals, contributions, documentation, guides, sample apps, and anything that comes to mind. This applies to both the ZEP token mechanics and to ZeppelinOS in general! You can use this forum for discussion, sharing your thoughts, or file an issue on the github repository for more technical matters like bugs.
All discussions here will be open to the community in general, regardless of them being part of the private beta or not, but we are particularly interested in your thoughts as the first users of the ZEP token!
Getting started & next steps
As a first step to participate on the beta, start by creating your first ZeppelinOS project if you haven’t done so, and get familiarised with the tool. The ZeppelinOS toolchain allows you to transparently manage upgradeable smart contracts in your application, as well as reusing and publishing on-chain code in the form of EVM packages.
The next steps will depend on how you want to participate on the community: as an EVM package developer, as user building their apps using ZeppelinOS, or as a security researcher identifying vulnerabilities.
If you are an EVM package developer, start today by building your own EVM package, and publishing it to testnet and mainnet for others to use. Share your progress with the rest of the community here! And note that the package will be available for the community in general, not just for the private beta participants, so your code will be reaching all ZeppelinOS developers out there.
If you are a user building on ZeppelinOS, check out the list of EVM packages available, and connect to them from your project. Feel free to ask any questions about ZeppelinOS development in the forum, and make any request to EVM package developers for features you’d like to see implemented!
If you are a security researcher, keep an eye out on the EVM packages under development, and start reporting vulnerabilities to the developers. Even if the ZEP token mechanic for assigning rewards is not yet available, we will retroactively reward researchers who start reporting early by awarding them with additional tokens.
Roadmap & token distribution
During the first quarter of 2019, we will be gradually rolling out new features for each user group. As the feature becomes available, we will also send ZEP tokens to the users who are ready to participate!
We will start by setting up an on-chain registry of available EVM packages. Publishing your package on this registry requires you to vouch ZEP tokens, so we will be sending tokens to all the private beta users who have made their EVM packages available on mainnet.
Next step is to allow for application users to signal their support for the EVM packages they rely on. As these projects become online on the Ethereum network, we will send tokens to them so they can vouch for the packages they use as dependencies, or any other packages they like! This will create a ranking of EVM packages based on ZEP token vouching.
Having an ecosystem of ZEP-vouched EVM packages, we will then implement the required mechanics for security researchers to report vulnerabilities on them. Since reporting an issue on a package requires to stake ZEP behind the challenge, we will send tokens to the researchers so they can start their work. And any researcher who reported vulnerabilities earlier in the process will be assigned more tokens, as an appreciation for their contribution.
Last but not least, as a legal requirement for receiving the tokens, we will need you to verify your identity, as part of a standard KYC/AML process. We will share more information on this soon.
Share your thoughts
As we mentioned, we want to hear about you! Please introduce yourself in the introductions thread and share your thoughts or any questions you may have about the next steps or the roadmap in this thread. We will be updating this post as we receive your input. And do post any technical questions or ideas you may have in the forum - let’s get this conversation started!