August 25
18:00–19:00
Upgradeable smart contracts security
One of the fundamental properties of blockchain is the impossibility of data spoofing (immutability). However, not all smart contracts have immutable code. A common practice is to use the contract logic update template with the help of a proxy. You have to be very careful when updating implementation. Otherwise, even the smallest mistake can lead to vulnerabilities, as happened with Nomad, Wormhole, and Audius, with hundreds of millions of dollars worth of damages. The report will look at the principles of proxy template, the associated vulnerabilities, and explain how to find proxy storage collision.