The Benefits and Challenges of Implementing Upgradeable Smart Contracts

Aniket Prajapati
2 min read · Jan 3, 2023


Upgradeable smart contracts are smart contracts that allow for their code and/or data to be modified after deployment. This can be useful for making improvements or fixes to a contract without the need to redeploy it and create a new contract on the blockchain.

Proxy contracts are the most popular way of creating upgradeable smart contracts. Basically, a proxy contract uses a delegate call to achieve upgradeability.

A delegate call means running some other contract's logic while using our own context.

For example:

A -> calls -> B

B -> delegatecalls -> C

Here, B is delegating the call to C, which means C's code will be executed, but the state variables used will be those of B's context. This is the whole concept of a proxy contract.

This can be achieved either by manually writing proxy contracts or by using libraries like OpenZeppelin.

Using a proxy contract, a smart contract is made upgradeable by separating the code logic/execution into one contract and storing the state variables in another contract, which is the default contract that a user interacts with. Therefore, unless users check the source code, they will not be able to tell whether the smart contract has been updated.

There are some pros and cons of using upgradeable smart contracts:

Pros:

  • The ability to make improvements or fixes to a contract without the need to redeploy it and create a new contract on the blockchain.
  • The ability to roll back changes to a contract if necessary.

Cons:

  • The contract code’s added complexity can make it more challenging to understand and audit.
  • The risk of causing confusion or disruption for contract users if the upgrade process is not handled smoothly.
  • The possibility that the upgrade process could fail, leading to potential loss of funds or other issues.

Using upgradeable contracts also makes a project vulnerable to security threats:

  • There is potential for unauthorized upgrades if the contract does not have proper access control mechanisms.
  • The potential for the contract’s upgrade mechanism to be exploited by attackers.
  • The need to carefully consider and plan for the impact of upgrades on contract users and stakeholders.
  • The need to thoroughly test and audit the contract to ensure it is secure and functions as intended.
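
The proxy pattern and the access-control point above, shown together as an added example (not code from the original post or from OpenZeppelin): B is `MinimalProxy`, C is `CounterV1`, and only the admin may change the logic address. The contract and function names are assumptions chosen for illustration; the storage slots follow the EIP-1967 naming convention.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Logic contract ("C" in the article). Its code runs via delegatecall, so
// `count` is read from and written to the proxy's storage, not its own.
contract CounterV1 {
    uint256 public count;
    function increment() external { count += 1; }
}

// Proxy ("B" in the article): holds the state and forwards every call.
contract MinimalProxy {
    // Fixed hash-derived slots (EIP-1967 convention) so the proxy's own
    // bookkeeping cannot collide with the logic contract's variables.
    bytes32 private constant IMPL_SLOT = bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1);
    bytes32 private constant ADMIN_SLOT = bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1);

    // Emitted on every change of logic, so upgrades can be monitored off-chain.
    event Upgraded(address indexed implementation);

    constructor(address implementation_) {
        _store(ADMIN_SLOT, msg.sender); // deployer becomes the upgrade admin
        _setImplementation(implementation_);
    }

    // Access control on the upgrade path: without this check, any caller
    // could replace the code that runs against the proxy's storage.
    function upgradeTo(address newImplementation) external {
        require(msg.sender == _load(ADMIN_SLOT), "not admin");
        _setImplementation(newImplementation);
    }

    function _setImplementation(address impl) private {
        // delegatecall to an address without code succeeds silently; reject it.
        require(impl.code.length > 0, "implementation has no code");
        _store(IMPL_SLOT, impl);
        emit Upgraded(impl);
    }

    function _store(bytes32 slot, address value) private { assembly { sstore(slot, value) } }

    function _load(bytes32 slot) private view returns (address value) { assembly { value := sload(slot) } }

    // Every other call is executed by the logic contract's code in this
    // contract's context, and the result or revert data is passed through.
    fallback() external payable {
        (bool ok, bytes memory ret) = _load(IMPL_SLOT).delegatecall(msg.data);
        assembly {
            if iszero(ok) { revert(add(ret, 32), mload(ret)) }
            return(add(ret, 32), mload(ret))
        }
    }
}
```

A replacement logic contract has to keep `count` in the same storage position, because the value lives in the proxy and is located by slot, not by name.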
