OpenZeppelin's Defender 2.0 uses machine learning for vulnerability detection

Quick Take

  • OpenZeppelin has released Defender 2.0, a platform for end-to-end security for blockchain development.
  • It offers automatic code analysis using machine learning to identify vulnerabilities in smart contracts.

Crypto security firm OpenZeppelin has unveiled Defender 2.0, designed to support the entire development lifecycle of blockchain applications and bring web2 security best practices into web3.

The upgraded security platform aims to assist an estimated 23,000 monthly active blockchain developers, according to the firm. It supports coding, auditing, deploying, and monitoring of their decentralized applications.

Defender 2.0 consists of four primary components. Its Code Module offers automatic code analysis using machine learning to identify vulnerabilities and suggest improvements. The Audit Module aids communication between developers and auditors, focusing on critical bugs and providing actionable recommendations. Then, the Deploy Module helps ensure secure smart contract deployment, and upgrades. Finally, the Monitor, Respond and Operate Module allows teams to instantly detect and respond to potential threats, offering insights into smart contract risks and behaviors.

Defender 2.0’s ultimate goal is to help developers make their smart contracts as secure as possible at all stages — from development to deployment and production, OpenZeppelin founder Demian Brener said. 

Defender supports several blockchains, including Ethereum, Polygon, Arbitrum, Optimism, Base, and zkSync. 

Crypto exploits hit largest in 2023

In July, the crypto market experienced its largest monthly losses this year, with $390 million stolen due to exploits, according to security analysts at De.Fi. An exploit on Multichain’s cross-chain bridge resulted in $231 million in aggregate losses. This adds to around $3 billion in funds stolen by DeFi attackers to date.

OpenZeppelin stated that these losses could have been significantly reduced with the right security measures in place.

While Defender 2.0 is fully operational, its launch is positioned as a beta to “emphasize responsible development practices and note ongoing feature enhancements,” the company added. OpenZeppelin is initially inviting select customers and community projects to begin using the platform.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.