OpenZeppelin Blog

Workshop Recap: Managing Smart Contract Upgrades - OpenZeppelin blog

Written by OpenZeppelin | April 27, 2021

The workshop was recorded on the 22nd April 2021 and led by Martin Verzilli – Developer at OpenZeppelin

The workshop covers the following:

  • Upgrade proxies and support in OpenZeppelin Contracts
  • Creating and approving upgrade proposals with OpenZeppelin Defender
  • Automating smart contract upgrade proposals with Upgrade Plugins and the Defender API

You can watch the video, view the slides, upgrade the example contract.

Why Upgrades?

Smart contracts in Ethereum are immutable by default. Once you create them there is no way to alter them, effectively acting as an unbreakable contract among participants.

Upgradeable contracts allow us to alter a smart contract to fix a bug, add additional features, or simply to change the rules enforced by it.

This allows us to change the contract code, while preserving the state, balance, and address.

The proxy is a simple contract that just delegates all calls to an implementation contract. A delegate call is similar to a regular call, except that all code is executed in the context of the caller, not of the callee.

This allows us to decouple a contract’s state and code: the proxy holds the state, while the implementation contract provides the code. And it also allows us to change the code by just having the proxy delegate to a different implementation contract.

The upgrade admin account is the account with the power to upgrade the upgradeable contracts in your project. The default owner is the externally owned account used to deploy the contracts. Whilst this may be good enough for a local or testnet deployment, in production you need to better secure your contracts. An attacker who gets hold of your upgrade admin account can change any upgradeable contract in your project!

It is recommended to change the ownership of the ProxyAdmin after deployment to a multisig, requiring multiple owners to approve a proposal to upgrade.

Smart contract upgrades can be managed using OpenZeppelin Defender.

Video

Slides

Upgrades workshop.pdf

Upgrade the example contract

Upgrade the example contract using the code from the workshop
github.com/OpenZeppelin/workshops/tree/master/05-upgrades-management/code

Learn more

Learn more about OpenZeppelin Upgrades Plugins: docs.openzeppelin.com/upgrades-plugins

Sign up for a free OpenZeppelin Defender account: defender.openzeppelin.com

See the guide for upgrading via a multisig: docs.openzeppelin.com/defender/guide-upgrades

Guidance on Admin Accounts and Multisigs: blog.openzeppelin.com/admin-accounts-and-multisigs