The security standard for onchain finance. $35 trillion+ in value transferred secured since 2015 for the institutions and innovators shaping global finance.
Introducing The Onchain Brief: OpenZeppelin's monthly newsletter on onchain security, compliance, and the convergence of traditional and blockchain-native finance.
Each edition covers security frameworks, institutional risk, regulatory developments, and insights from the teams building and securing critical financial infrastructure.
Subscribe here ↓
openzeppelin.com/newsletter
A point-in-time security audit secures your system as it is that day. The next release changes it.
Onchain systems evolve constantly, and the risk runs beyond the contract layer.
We designed the Continuous Security Program to keep that coverage across the full lifecycle ↓
👀 Here's a walkthrough of @OpenZeppelin's Confidential Token demo on Stellar Testnet
Starting with three roles to get familiar with: Account Holder, Verifier and Auditor
For this demo you need two wallets (accounts) 🧵👇
👀 Tune in to Developer Preview on Thursday 2nd July @ 4:00 PM UTC
@AVotoFuture Senior PM @StellarOrg joins @boyanxyz Senior OSS Developer @OpenZeppelin to walk through the architecture, design choices, and the importance of this release.
The session will be streamed on X, YouTube and Stellar Developers Discord.
Whether it's payments, treasury, or settlement, onchain financial activity needs privacy.
Confidential Tokens bring that to @StellarOrg testnet 💫
Our implementation wraps any SEP-41 token to keep balances and amounts private, with a full compliance suite built in.
🔐 Today we're introducing our latest privacy feature: Confidential Tokens
A contract suite from @OpenZeppelin, with an UltraHonk verifier implemented by @Nethermind, adding private balances and private transfer amounts to any SEP-41 token.
Available on Testnet👇
Deposit Confidential Tokens with @zama on Morpho
Institutional allocators, corporate treasuries and market participants can earn yield from @SteakhouseFi curated Morpho Vaults without disclosing their balances or strategies
The @SuiNetwork trading bot (AMM) reference build supports multiple trading strategies out of the box.
The same module can run at low, medium, or high risk depending on how you configure it.
Full walkthrough ↓
Meet a new starter app on @SuiNetwork: an onchain trading bot (AMM) with real-time quote updates.
This reference build gives you audited, production-ready patterns for the best spread configuration, @DeepBookonSui order management and single-transaction quote refresh (PTB).
Traditional finance is moving onchain, and the institutions leading that shift need infrastructure they can trust and security they can stand behind.
Together with @OpenAssetsInc we're helping make tokenization something institutions can adopt with confidence from day one.
Institutional capital moves onchain when the contracts behind it meet the security bar capital markets require.
OpenAssets has formed a strategic partnership with @OpenZeppelin. Customers now gain streamlined access to OpenZeppelin's security validation in the same motion as deployment.
OpenZeppelin x @Zama Confidential Contracts v0.5.0 is live
The confidential RWA toolkit gets new controls 🔐
Limit balances and holder counts, recover tokens, and add custom rules, while keeping data encrypted.
Details ↓
github.com/OpenZeppelin/open…
For banks building onchain, the decisions that most determine whether a program is defensible are made before a line of code is written. By the time any security review is underway, upgrade governance, key management, and access control architecture are largely fixed.
A single compromised key can change live contract logic before anyone can respond, if upgrade governance wasn't designed in from the start.
Security at the architecture stage means findings can be remediated before they become permanent.
Read more ↓
openzeppelin.com/news/the-ar…
Tokenized treasuries, private credit, and regulated funds often settle over days, a timeline synchronous onchain vaults weren't designed for.
We've merged an implementation of ERC-7540 with support from @tokenizedvault members @centrifuge and @superformxyz to solve this.
First confidential gateway to ERC4626 vaults, powered by @OpenZeppelin batcher primitive + @zama fhe coprocessor
next iterations will include vaults with native ERC7984 support and global netting for the whole encrypt/decrypt boundary
OpenZeppelin Move Contracts for @SuiNetwork shipped v1.3
Bring the latest audited foundations to your Sui app:
➝ Rate limiting
➝ Role-based Access Control
➝ DeFi math primitives for AMM swaps and bonding curves
Full changelog ↓
github.com/OpenZeppelin/cont…
Great to join the Open Standards for Programmable Finance panel at Onchain Finance 2026 in São Paulo and share the stage with @gaborgurbacs, @SophiaLopez, @SuiNetwork’s Henrique Teixeira and @danielabarbosa.
Institutions in Brazil are moving onchain fast. The standards underneath it are still being written. That gap is what we work on at @OpenZeppelin.
Thank you to the entire @valorcapgroup team for a great week, and Safra, @BTGPactual and @itau for hosting us.
An open-source contracts library, reference implementations, and developer tooling for Canton, backed by the security standard behind $35T in value transferred onchain.
@OpenZeppelin is building the secure development foundation for institutional applications on Canton.
↓
OpenZeppelin is bringing its security standard to @CantonNetwork
We're building a secure contracts library, reference implementations, and developer tooling for Canton's privacy-first ecosystem, engineered for the most critical institutional use cases.
Every team at a financial institution runs on established frameworks. Compliance has its mandates, risk has its controls, and technology has its development standards.
Blockchain introduces a new paradigm that cuts across all of them.
We broke down what security standards actually mean for institutions building onchain: the code, the operation, and the compliance posture.
Read more here ↓
openzeppelin.com/news/what-s…