In this work, we provide a comprehensive survey of smart contract upgradability patterns using proxies. A primary characteristic of smart contracts on the Ethereum blockchain is that they are immutable once implemented, no changes can be made. Taking human error into account, as well as technology improvements and newly discovered vulnerabilities, there has been a need to upgrade these smart contracts, which may hold enormous amounts of Ether and hence become the target of attacks. Several such attacks have caused tremendous losses in the past, as well as millions of dollars in Ether which has been locked away in broken contracts. Thus far we have collected many upgradable proxy patterns and studied their features to build a comprehensive catalog of patterns. We present a summary of these upgradable proxy patterns which we collected and studied. We scraped the source code for approximately 100000 verified contracts from Etherscan.io, the most popular block explorer for Ethereum, out of which we extracted around 64k unique files - most containing multiple contracts. We have begun to automate the analysis of these contracts using the popular static analysis tool Slither, while at the same time implementing much more robust detection of upgradable proxies using this framework. Comparing the results of the original implementation to our own, we have found that approximately 70 percent of the contracts which were initially flagged as upgradeable proxies are false positives which we have eliminated.

翻译：本文对使用代理的智能合约可升级性模式进行了全面综述。以太坊区块链上智能合约的一个主要特征是一旦部署便不可篡改，无法进行任何修改。考虑到人为错误、技术改进以及新发现的漏洞，需要对可能持有大量以太币（因此成为攻击目标）的智能合约进行升级。过去发生的多次此类攻击造成了巨额损失，导致数百万美元的以太币被锁定在存在缺陷的合约中。截至目前，我们已收集了大量可升级代理模式，并研究了其特性，以构建一份全面的模式目录。本文介绍了所收集并研究的这些可升级代理模式的摘要。我们从最流行的以太坊区块浏览器Etherscan.io上抓取了约10万份已验证合约的源代码，从中提取了约6.4万个独立文件——多数文件包含多个合约。我们开始使用流行的静态分析工具Slither对这些合约进行自动化分析，同时利用该框架实现了更稳健的可升级代理检测。将原始实现的结果与我们的方案进行对比，我们发现最初被标记为可升级代理的合约中，约有70%属于误报，已被我们排除。