OpenZeppelin 2.0 RC 1, a framework for writing secure smart contracts on Ethereum, is out!

2 min read

After concluding the release cycle of version 1.0 last month, OpenZeppelin marked the start of another release cycle by launching OpenZeppelin 2.0 RC 1 on September 7th. This release is aimed to deliver reliable updates to their users, unlike some of the earlier releases, which were backwards-incompatible.

OpenZeppelin is a framework of reusable smart contracts for Ethereum and other EVM and eWASM blockchains. You can build distributed applications, protocols, and organizations in Solidity language.

What’s new in OpenZeppelin 2.0 RC 1?


  • This release provides a more granular system of roles, like the MinterRole. Similar to Ownable, the creator of a contract is assigned all roles at first, but they can selectively give them out to other accounts.
  • Ownable contracts is now moved to role based access.
  • To increase encapsulation, all state variables are now private. This means that derived contracts cannot directly access the state variables, but have to use getters.
  • All event names have been changed to be consistently in the past tense except those which are defined by an ERC.
  • ERC721 is now separated into different optional interfaces – Enumerable and Metadata. ERC721Full has both the extensions.
  • In SafeMath, require is used instead of assert.
  • The ERC721.exists function is now internal.
  • Earlier, SplitPayment allowed deployment of an instance with no payees. This will cause every single call to claim to revert, making all Ether sent to it lost forever. The preconditions on SplitPayment constructor arguments are now changed to prevent this scenario.
  • The IndividuallyCappedCrowdsale interface is simplified by removing the concept of user from the crowdsale flavor. The setGroupCap function, which takes an array is also removed, as this is not customary across the OpenZeppelin API.
  • ERC contracts have all been renamed to follow the same convention. The interfaces are called IERC##, and their implementations are ERC##.
  • ERC20.decreaseApproval is renamed to decreaseAllowance, and its semantics are also changed to be more secure.
  • MerkleProof.verifyProof is renamed to MerkleProof.verify.
  • ECRecovery is renamed to to ECDSA, and AddressUtils to Address.


  • ERC165Query is added to query support for ERC165 interfaces.
  • A new experimental contract is added to migrate ERC20 tokens with an opt-in strategy.
  • A modulo operation, SafeMath.mod is added to get the quotient.
  • Added Math.average.
  • Added ERC721Pausable.


  • Restriction on who can release funds in PullPayments, SplitPayment, PostDeliveryCrowdsale, RefundableCrowdsale is removed.
  • ERC20Basic is removed, now there’s only ERC20.
  • The Math.min64 and Math.max64 functions are now removed,  left only the uint256 variants.
  • The Mint and Burn events are removed from ERC20Mintable and ERC20Burnable.
  • A few contracts that were not generally secure enough are removed: LimitBalance, HasNoEther, HasNoTokens, HasNoContracts, NoOwner, Destructible, TokenDestructible, CanReclaimToken.

You can install the release candidate by running the npm install [email protected] command.

To read more about OpenZeppelin 2.0 RC 1, head over to OpenZeppelin’s GitHub repository.

Read Next

The trouble with Smart Contracts

Ethereum Blockchain dataset now available in BigQuery for smart contract analytics

How to set up an Ethereum development environment [Tutorial]