Skip to main content

“Not your keys, not your coins” is not always applicable when it comes to smart contracts.

Did you know that smart contracts can be modified? This can lead to disastrous outcomes, such as losing funds or making a token unusable. Let’s find out the nasty thing about Ethereum 👇

For those who don’t know, a smart contract is a program that runs on the Ethereum blockchain. Tokens like Tether, USDC, and Uniswap are actually… smart contracts.

The golden rule of smart contracts in the past was that they cannot be modified. So why did developers invent a creature called the “Proxy Pattern” to bypass it?

The Proxy Pattern was introduced mainly to fix bugs or add features to smart contracts without changing the contract’s address. Without that, migration of a smart contract to a new version would be expensive.

Proxy Pattern diagram

However, this means that smart contracts can be changed, which is like changing the rules of the game. After an upgrade, you could lose assets, the smart contract could become broken, or the smart contract could become insecure – all leading to losing assets.

Indeed, this was the case in the famous Nomad Bridge hack (details, resulting in a $190M loss of users’ funds. The updated smart contract was compromised due to a bug.

Did you know that most smart contracts use this pattern? These contracts manage billions of dollars and could be unintentionally or flawly modified at any time. What does this creature look like?

Solidity assembly block containing proxy pattern implementation

Is there a way to protect your assets against this threat?
⚠️ Don’t use smart contracts with the Proxy Pattern
⚠️ Don’t own assets managed by smart contracts with the Proxy Pattern
✅ If you have no choice but to use them – protect your digital assets with our security platform

Stay safe and secure in the world of blockchain and cryptocurrency.