System Upgrades

Explore the structured approach to system upgrades in ZKsync Era, including the roles of different branches and the audit process to ensure security and reliability.

The system contracts at ZKsync Era are pivotal for the functionality and security of the platform. To ensure that these contracts meet the highest standards of security and reliability, a rigorous update and audit process is followed. Here's a detailed breakdown of the system upgrade process for ZKsync Era.

Main branch

The main branch of the system contracts repository serves as the production-ready codebase. It contains the latest, most stable version of the protocol that has passed through all required audits. This branch represents the secure backbone of ZKsync Era, ready for deployment.

Development branch

The dev branch is where active development occurs. All the latest changes and innovative updates are first pushed here. Developers should base new pull requests for system contract changes on the dev branch to ensure all modifications align with the most recent developmental efforts.

Release branches

When a new release is planned, a specific branch named release-vX-<name> is created off the dev branch. This naming convention includes the version number (X) and a descriptive name for the release. The release process is structured to maintain clarity and order, ensuring systematic updates:

  1. Branch Creation: Initiate from the dev branch.
  2. Pull Requests: Target the new release branch towards main or a preceding release branch if the latter hasn't been merged into main.

Audit and integration

Once a release branch is ready, it undergoes a thorough audit. Post-audit, any necessary changes identified during the audit are implemented to enhance security and performance. After finalizing the audit adjustments:

  • The release branch is merged back into the dev branch to consolidate all updates.
  • Following the finalization of the release, the main branch is updated to reflect the new changes, ensuring it remains the definitive source for production deployment.
  • To maintain consistency and incorporate non-auditable updates like documentation or scripts, the main branch should periodically merge back into the dev branch.

Handling unaudited code

For updates that do not require an audit, such as documentation changes or script adjustments, direct merges into the main branch are acceptable. This strategy helps in keeping the main branch up-to-date with all non-critical updates, which are then synchronized across other branches.


The structured upgrade process at ZKsync Era not only ensures that system contracts are robust and secure but also maintains a clear pathway from development to deployment. This process underscores ZKsync Era's commitment to reliability, security, and continuous improvement in its blockchain solutions.

Made with ❤️ by the ZKsync Community