Content pfp
Content
@
0 reply
0 recast
0 reaction

gilbert pfp
gilbert
@0xgib
Security question: If deploying a contract can take 100-1000x transactions, then how does upgrading a contract work for that same number of transactions? Will the contract still function? As its old version? Or do you upload to a buffer and switch to it in 1 tx instead?
1 reply
0 recast
0 reaction

shazow pfp
shazow
@shazow.eth
I believe it's the latter, you upload it into storage buffers then swap the pointer in the final transaction.
1 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
That would be the sensible option, right? Still trying to find docs on it Might have to dig into the source code
3 replies
0 recast
0 reaction

curiousapple pfp
curiousapple
@curiousapple
hmm is it enough tho ? if a upgrade is taking multiple transactions and pointer is redirected in end, can't a malicious actor see whats being updated and exploit before the patch is applied ? you also need pause function to pause it before, no ?
2 replies
0 recast
0 reaction

curiousapple pfp
curiousapple
@curiousapple
Hmm, when you say something takes multiple transactions in Solana, does it act like an atomic batch, or can someone put some transactions of their own in the middle? You can say same problem of someone front-running upload exists in EVM as well, but there its not that severe due to flashbots and single tx update
1 reply
0 recast
0 reaction

gilbert pfp
gilbert
@0xgib
It would be raw bytecode, so the attacker would need to be able to statically analyze it in a short amount of time. Sounds possible in theory, but not sure to what extent since txs are much faster in Solana
1 reply
0 recast
0 reaction