OpenZeppelin

OpenZeppelin, founded by Demian Brener in 2015, underpins $33T in onchain value with its open-source contracts library and security auditing practice.

Demian Brener established OpenZeppelin in 2015, a year when smart-contract security was barely formalized. The firm shipped its open-source Contracts library in 2016, which became the standard build tool for Solidity and Cairo developers. By 2025 it recorded that 64% of active wallets had interacted with a contract derived from its code — a structural embedding few developer-tool companies achieve.

OpenZeppelin generates revenue through institutional-grade security audits, the Defender cloud platform for transaction relaying and monitoring, and advisory on DAO governance and incident response. Its audit practice has reviewed over 1 million lines of code, protecting more than $250 billion in total value locked across DeFi, tokenized funds, and layer-2 ecosystems. Confirmed partners include the Ethereum Foundation, Uniswap Foundation, ZKsync builder Matter Labs, Arbitrum, StarkWare, and Stellar — reflecting a footprint across Ethereum, ZK-rollup, and alternative layer-1 environments. The firm also entered zero-knowledge-proof audits in 2024, expanding its technical surface.

OpenZeppelin is a globally distributed firm headquartered in the Bay Area; its management team of seven has dedicated roles spanning security research, engineering, customer operations, and legal. In 2024 the firm released Contracts 5.0 and completed its first ZKP audit, signaling a shift beyond Solidity dominance. Adjacent public goods include the Ethernaut security game, which surpassed 140,000 plays, and ERC standardization work on account abstraction and metatransactions. The firm participates in security collectives EthTrust and SEAL 911.

OpenZeppelin's commercial posture fuses an open-source public-commons layer with a proprietary enterprise services stack on top. The Contracts library is free and auditable; clients that want continuous surveillance, rapid-incident response, or complex custom-audit capacity pay for Defender and professional services. That architecture creates a funnel: every protocol building with OpenZeppelin contracts is a potential security-services client, but the firm’s ubiquity also makes it a single point of dependency for the onchain financial system.

General information

Firm type

Asset Manager

Year founded

2015

AUM

Undisclosed

Location

Region

North America

Country

United States

City

Menlo Park

Corporate office

Menlo Park, CA, United States

Principals

Demian Brener

Founder & CEO

Barry Duplantis

COO

Steve Gant

CGO

Jonathan Alexander

CTO

John Neufeld

General Counsel

Natalia Roose

VP of Customer Operations

Jota Carpanelli

VP of Professional Services

Sector focus

Enterprise Software, Cybersecurity, FinTech

Frequently asked questions

Is OpenZeppelin a security auditor or an infrastructure company?

Both. The firm’s open-source Contracts library is free infrastructure that 64% of active wallets interact with. On top of that, it sells professional security audits, a Defender operations platform for transaction relaying and monitoring, and advisory services. The library creates the funnel; the paid services monetize the most demanding compliance and security needs.

What is the scale of assets secured by OpenZeppelin audits?

OpenZeppelin reports that security audits have protected over $250 billion in total value locked. The Contracts library has facilitated more than $33 trillion in cumulative value transferred onchain, driven by its adoption as the default standard for stablecoins and tokenized funds.

Which major protocols or foundations rely on OpenZeppelin?

Disclosed relationships include the Ethereum Foundation, Uniswap Foundation, ZKsync (Matter Labs), Arbitrum, StarkWare, Stellar, and The Graph. Nine of the top ten stablecoins and ten of the top ten tokenized funds by market capitalization are built with OpenZeppelin Contracts.

Does OpenZeppelin participate in zero-knowledge-proof security?

Yes. In 2024 it announced its entry into ZK-proof audits, complementing the existing smart-contract, infrastructure, and governance security review practices. This expands the firm’s coverage beyond Solidity to privacy-preserving and scaling architectures.

What open-source public goods does OpenZeppelin maintain?

Beyond the Contracts library, OpenZeppelin runs Ethernaut, a gamified security education platform with over 140,000 plays. It has contributed to Ethereum standards on account abstraction (ERC-1271), metatransactions (ERC-2771), and upgradeability (ERC-7201, ERC-1967), and participates in the SEAL 911 emergency response collective.

Profile maintained by using OSINT (open-source intelligence), regulatory filings, licensed data partners, and verified direct submissions. Continuous refresh with full update cycles at least every 30 days.