Ethereum

Let's think this through: Someone successfully social engineers Circle into leaking their upgrader key, the person upgrades USDC with a version that removes blacklisting and revokes all permissions including admin for upgrades (before you tell me it's not possible to set it to 0x00, remember I can set it to 0xdead for example). What would happen after?

𝐖𝐨𝐫𝐤𝐢𝐧𝐠 𝐨𝐧 𝐰𝐡𝐚𝐭'𝐬 𝐧𝐞𝐱𝐭.

https://github.com/pcaversaccio

BDFL of Quilibrium, Eng @ Farcaster, ex-Coinbase, always opinionated, never hydrated

/quilibrium

They can't do anymore upgrades. They would need to create a new USDC contract. Now what about all the contracts that hardcoded the original USDC address?

They'd do an upgrade the same way projects without upgradability in contracts do: announce the issue, warn all transactions on or after the hacked block will be reverted, and restore the state of the contract at the block prior to a new contract

Would take the most kind hearted person to get access to circle's upgrader key and the only thing they do is remove censorship and upgrade permission