Ethereum smart-contracts are not upgradeable by default. In order to overcome this limitation developers often use “Proxy contracts”.
Proxy contracts pull code from “logical” contracts and perform actions as if the storage structure of the proxy was identical to that of the “logic” contract, and if it does not match — mess occurs.
The root of the problem
Most of the problems happen where developers try to get around platform limitations and use methods that are ill-suited for this. Unfortunately this is the case with Ethereum and AUDIUS. The lack of built-in contract upgradeability is a security flaw of Ethereum.
- According to decrypt.co AUDIUS contracts were audited twice (by OpenZeppelin in 2020 and Kudelski in 2021). The exploited issue was in the code for 2 years.
- There was no open bug bounty or exploit reporting program in place. It was possible to create a bounty program, then the hacker could report a bug rather than exploit it.
- It would be possible to insure a smart-contract that operates with huge quantities of funds in order to get a compensation in case of a hack. See Callisto Insurance program
- Unfortunately the most common practice of re-inventing upgradeability in Ethereum is the use of Proxy-contracts. We strongly encourage DAPP developers to pay attention to the caveats related to Proxy-contracts.
- Always have a bug bounty for your contracts. The more funds a contract is supposed to hold — the more important it is to adhere to the best-known security practices.
- There is no single method to ensure that a program is completely secure. Always use multiple methods that complement each other.
- Smart-contracts are better suitable for solving the issue of trust rather than the issue of security. Use tools as they are the best fit.