Zeppelin: a Secure Smart Contracts Open-Source Framework for Blockchain Applications

On September 15, the roadmap proposal for Zeppelin, an MIT-licensed open source framework for building secure smart contracts, was published. This comes at an appropriate time, as evidenced by the number of talks and discussions at DevCon2 surrounding formal verification of smart contracts.

Demian Brener and Manuel Aráoz, founders of Smart Contract Solutions, are pioneering the effort around Zeppelin. Zeppelin is a community effort to enable the development of secure, tested and audited smart contract code. Earlier this year, "The DAO", the largest smart contract application to date, was hacked for $60M by exploiting a loophole in its smart contract. This has justified many concerns in the community, bringing formal verification to the forefront.

In the beginning, Zeppelin will be focused on building tooling for Solidity, since Ethereum is the most popular smart contract development platform. During the announcement, Brener mentioned the following modules will be implemented for Solidity:

  • Pull payment helpers: Lots of security problems (including the infamous TheDAO hack) can be prevented by using a pull payment strategy (as opposed to pushing payments with send). We already have a simple PullPaymentCapable.sol contract, but more comprehensive tools, documentation and examples are needed.
  • Contract life-cycle tools: Most contracts nowadays are deployed to the blockchain without much thought about what will happen to them in the future. We’d love to build tools to better manage several contract death strategies, contract transfer of ownership, contract pausing and resuming, contract upgradeability, etc.
  • Fault tolerance and automatic bug bounties: Automatic detection of faults, and tools to recover from inconsistent states. Simple tools to limit the amount of funds managed by contracts. We’re also working on, and looking to improve, bug bounty contracts to have automatic payouts to security researchers that can break our contract’s invariants.
  • Reusable basic components: Many common modules are still reimplemented from scratch for each new project. We’re looking to build standard contracts for token issuance, crowdfunding, voting, betting, payroll, revenue sharing, etc.
  • Explore formal verification ideas: Formal verification of contracts is an active research area. Integrating this work into Zeppelin can provide interesting security guarantees to our contracts. Formal verification means statically analyzing contract code to formally prove correctness and/or problems.
  • Better oracle interfaces: An important part of smart contract development is how to interact with off-blockchain data sources. An interesting idea to explore is to do inversion of control, where oracles call contracts (to communicate outside truths) through a common interface method, and can implement their oracle logic as wanted: trusted expert, closed voting, open voting, API wrapper. Instead of contracts requesting data from oracles, oracles inform contracts of data changes.
  • Better code reuse tools: Current Solidity code reuse is based on copy-pasting or downloading existing code from other repositories. Mature ecosystems have good code repository management systems such as NodeJS’ npm or Ruby’s gems. An interesting variation in Ethereum is the possibility of reusing code already deployed to the blockchain. We’re planning to build tools that allow you to easily link your contracts to deployed libraries.

These are based on common contract security patterns. Zeppelin integrates with Truffle, the primary build framework used by Ethereum developers. Early adopters can ask questions or track progress on the Zeppelin Slack channel as well as study its use in the BlockParty project. The first public release is slated for November and will be accompanied by a Zeppelin-based real DAO.
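
The pull payment strategy named in the first module above, as an added example (not Zeppelin's PullPaymentCapable.sol and not code from the project): a minimal auction that credits outbid bidders in a ledger and lets each one withdraw their own refund, instead of sending it during the bid. The contract and function names are hypothetical, and Solidity 0.8 is assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; contract and function names are hypothetical.
contract PullPaymentAuction {
    address public highestBidder;
    uint256 public highestBid;

    // Funds owed to outbid bidders, to be claimed by them later (pull).
    mapping(address => uint256) public pendingWithdrawals;

    function bid() external payable {
        require(msg.value > highestBid, "bid too low");

        // A push design would refund the previous bidder right here, e.g.
        //   payable(highestBidder).send(highestBid)
        // which hands control to an untrusted address in the middle of
        // bid(). If the refund is required to succeed, a recipient whose
        // fallback fails blocks every later bid; if the result is ignored,
        // the refund is silently lost.
        if (highestBidder != address(0)) {
            pendingWithdrawals[highestBidder] += highestBid;
        }

        highestBidder = msg.sender;
        highestBid = msg.value;
    }

    // Each payee collects their own refund in a separate transaction,
    // so one payee's failure cannot affect anyone else.
    function withdraw() external {
        uint256 amount = pendingWithdrawals[msg.sender];
        require(amount > 0, "nothing to withdraw");

        // Effects before interaction: zero the balance first so a
        // re-entrant call to withdraw() finds nothing left to claim.
        pendingWithdrawals[msg.sender] = 0;

        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

The only external call sits at the end of `withdraw()`, after the ledger has been updated, and it can only affect the caller's own balance.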

In the future, Zeppelin intends to support other blockchain platforms such as Bitcoin, Tendermint, Bloq Ora, etc.