Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I feel like this should be the takeaway. Instead of blaming users there should be some system that allows patches, updates and new features to be published to these smart contracts. It just seems silly that any programmer would think it’s a good idea to publish some code you can’t patch and horrifying to let that code scale to this size without being able to correct any of your original assumptions.


There is such a thing as a "proxy" contract. The contract can delegate to another "delegate" contract that actually performs the functions you want. The proxy contract also has a function that allows the owner to change the address of the delegate contract. If you tell you users to interact with the proxy contract then they will always interact with the latest version of the delegate contract.

Some ERC20 tokens implement this but I believe many do not.

https://docs.openzeppelin.com/contracts/3.x/api/proxy


How is the proxy contract tested - wouldn't you need to create a proxy-to-the-proxy contract just in case there is a bug and need to point it to the fixed version?


There are a couple design patterns for this




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: