Proxy Upgradability: A 2024 DeFi Risk Brief

Proxy pattern upgradability brief for capital allocators: how upgradeable DeFi contracts create both bug-fix flexibility and admin-key backdoor risk in 2024.
Frequently Asked Questions
- What is an upgradeable proxy? An upgradeable proxy is a smart contract that holds the protocol's storage and funds while forwarding every call, via delegatecall, to a separate implementation contract whose address can be changed. Because delegatecall runs the implementation's code against the proxy's storage, the proxy address stays constant for users and integrators while the team can point it at new logic to fix bugs or add features. This separation of storage from logic is what makes a deployed protocol changeable rather than permanently fixed.
- Why is upgradability both a feature and a risk? Upgradability lets a team patch a vulnerability or improve a live protocol without migrating users or liquidity, which is a real operational benefit. The same mechanism is a risk because whoever controls the upgrade key can replace the logic entirely, including with code that transfers out the funds the proxy holds, so an upgradeable protocol is only as trustworthy as the control over its upgrade key. The feature and the backdoor are the same lever.
- How should an allocator assess the upgrade risk? Check who controls the upgrade key. A single externally owned account is a centralisation backdoor; a multisig with reputable signers raises the bar, and a timelock that delays upgrades is safer still, because it gives users a window to exit before new logic takes effect (a multisig without a timelock can still upgrade instantly). Also confirm that the latest implementation was audited, since the original audit does not cover code added in a later upgrade, and that storage layout rules were followed to avoid collisions: new state variables are appended rather than inserted or reordered, and the proxy keeps its own implementation and admin addresses in dedicated slots (as EIP-1967 specifies) rather than in slots the implementation also uses.
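As an added illustration (not code from this brief or from any named protocol), the following Solidity puts the two checks above side by side: a naive proxy whose own bookkeeping sits in slot 0 and collides with the logic contract's first state variable, and an EIP-1967 proxy that keeps its implementation and admin addresses in dedicated slots and gates upgradeTo behind an admin address. The contract and function names (Delegator, LogicV1, LogicV2, NaiveProxy, Eip1967Proxy) are invented for the example; the two slot constants are the values defined by EIP-1967, and the constructor asserts that they match their definitions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration for this brief, not a deployed protocol's code.
// Both proxies forward every call with delegatecall, so the implementation's
// code runs against the proxy's storage, not its own.

abstract contract Delegator {
    function _delegate(address impl) internal {
        assembly {
            calldatacopy(0, 0, calldatasize())
            let ok := delegatecall(gas(), impl, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            switch ok
            case 0 { revert(0, returndatasize()) }
            default { return(0, returndatasize()) }
        }
    }
}

// The logic being proxied. The compiler lays its variables out from slot 0 upward.
contract LogicV1 {
    uint256 public total;                        // slot 0
    mapping(address => uint256) public balances; // slot 1 (entries hash elsewhere)

    function deposit() public payable virtual {
        balances[msg.sender] += msg.value;
        total += msg.value;
    }
}

// Upgrade layout rule: keep every V1 variable where it was and append. Inheriting
// LogicV1 reproduces slots 0 and 1; `depositCount` lands in slot 2. Declaring it
// ahead of `total` would shift every user's existing data by one slot.
contract LogicV2 is LogicV1 {
    uint256 public depositCount; // slot 2 (appended)

    function deposit() public payable override {
        super.deposit();
        depositCount += 1;
    }
}

// (1) Naive proxy: its own bookkeeping occupies slot 0, the same slot as
// LogicV1.total. The first non-zero deposit() through it executes
// `total += msg.value` against slot 0, i.e. adds msg.value to the stored
// implementation address. Delegatecall to an address with no code reports
// success, so later deposits are accepted and never recorded: a silent brick.
contract NaiveProxy is Delegator {
    address public implementation; // slot 0: collides with LogicV1.total
    address public admin;          // slot 1: base slot of balances (survives only by luck)

    constructor(address impl) {
        implementation = impl;
        admin = msg.sender; // an EOA holding the upgrade key: the centralisation backdoor
    }

    fallback() external payable { _delegate(implementation); }
}

// (2) EIP-1967 proxy: bookkeeping in dedicated slots that no compiler-placed
// variable can occupy, with upgrades gated on an admin that should be a
// timelock (itself controlled by a multisig) rather than a single key.
contract Eip1967Proxy is Delegator {
    // keccak256("eip1967.proxy.implementation") - 1 and keccak256("eip1967.proxy.admin") - 1
    bytes32 private constant IMPL_SLOT =
        0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
    bytes32 private constant ADMIN_SLOT =
        0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;

    event Upgraded(address indexed implementation);

    constructor(address impl, address admin) {
        // Self-check that the hard-coded constants are the EIP-1967 values.
        assert(IMPL_SLOT == bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1));
        assert(ADMIN_SLOT == bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1));
        _setImplementation(impl);
        _store(ADMIN_SLOT, admin);
    }

    function upgradeTo(address newImpl) external {
        require(msg.sender == _load(ADMIN_SLOT), "not admin");
        _setImplementation(newImpl);
    }

    function _setImplementation(address impl) private {
        require(impl.code.length > 0, "implementation has no code");
        _store(IMPL_SLOT, impl);
        emit Upgraded(impl);
    }

    function _load(bytes32 slot) private view returns (address a) {
        assembly { a := sload(slot) }
    }

    function _store(bytes32 slot, address a) private {
        assembly { sstore(slot, a) }
    }

    fallback() external payable { _delegate(_load(IMPL_SLOT)); }
}
```

The corresponding due-diligence check needs no source code: eth_getStorageAt on the proxy address at the two EIP-1967 slots returns the current implementation and admin, and eth_getCode on the admin distinguishes an EOA (empty code) from a multisig or timelock contract. Two caveats: a multisig without a timelock can still upgrade in a single transaction, and a proxy that exposes functions of its own, as upgradeTo does here, shadows any implementation function with the same selector, which is the problem the transparent-proxy and UUPS patterns exist to manage.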