A Comprehensive Survey of Upgradeable Smart Contract Patterns

TL;DR

This paper surveys various smart contract upgradeability patterns on Ethereum, analyzing thousands of verified contracts to identify and classify proxy patterns, and automates detection to improve security and reliability.

Contribution

It provides a comprehensive catalog of upgradeable proxy patterns and introduces automated detection methods to distinguish true proxies from false positives.

Findings

Approximately 70% of flagged proxies are false positives.

Scraped and analyzed around 64,000 unique contracts from Etherscan.

Developed a more robust detection framework using Slither.

Abstract

In this work, we provide a comprehensive survey of smart contract upgradability patterns using proxies. A primary characteristic of smart contracts on the Ethereum blockchain is that they are immutable once implemented, no changes can be made. Taking human error into account, as well as technology improvements and newly discovered vulnerabilities, there has been a need to upgrade these smart contracts, which may hold enormous amounts of Ether and hence become the target of attacks. Several such attacks have caused tremendous losses in the past, as well as millions of dollars in Ether which has been locked away in broken contracts. Thus far we have collected many upgradable proxy patterns and studied their features to build a comprehensive catalog of patterns. We present a summary of these upgradable proxy patterns which we collected and studied. We scraped the source code for approximately 100000 verified contracts from Etherscan.io, the most popular block explorer for Ethereum, out of which we extracted around 64k unique files - most containing multiple contracts. We have begun to automate the analysis of these contracts using the popular static analysis tool Slither, while at the same time implementing much more robust detection of upgradable proxies using this framework. Comparing the results of the original implementation to our own, we have found that approximately 70 percent of the contracts which were initially flagged as upgradeable proxies are false positives which we have eliminated.