Content
@
0 reply
0 recast
0 reaction
gilbert
@0xgib
Security question: If deploying a contract can take 100-1000x transactions, then how does upgrading a contract work for that same number of transactions? Will the contract still function? As its old version? Or do you upload to a buffer and switch to it in 1 tx instead?
1 reply
0 recast
0 reaction
shazow
@shazow.eth
I believe it's the latter, you upload it into storage buffers then swap the pointer in the final transaction.
1 reply
0 recast
1 reaction
gilbert
@0xgib
That would be the sensible option, right? Still trying to find docs on it Might have to dig into the source code
3 replies
0 recast
0 reaction
curiousapple
@curiousapple
hmm is it enough tho ? if a upgrade is taking multiple transactions and pointer is redirected in end, can't a malicious actor see whats being updated and exploit before the patch is applied ? you also need pause function to pause it before, no ?
2 replies
0 recast
0 reaction
gilbert
@0xgib
It would be raw bytecode, so the attacker would need to be able to statically analyze it in a short amount of time. Sounds possible in theory, but not sure to what extent since txs are much faster in Solana
1 reply
0 recast
0 reaction
shazow
@shazow.eth
From a security perspective, this is certainly not worse than a DAO having to pass governance to upgrade a vulnerable contract. The reality is that 99% of upgrades are not about fixing bugs, but rather about introducing new bugs^Werr, new features!
2 replies
0 recast
1 reaction
shazow
@shazow.eth
If I were a black hat, I wouldn't waste my time trying rushing to front run upgrades, but I'd take my time carefully analyzing new upgrades for new vulnerabilities. In my experience, most bugs get added because someone who lacked context introduced a new feature while missing some nuance. (Could be you in the future.)
0 reply
0 recast
1 reaction
curiousapple
@curiousapple
1 reply
0 recast
1 reaction
