The Amps exploit was due to an unprotected reinitializer on their upgradeable contract. The attacker called reinitialize, set themselves as the owner, and changed the implementation to a malicious contract. This is a very common bug in upgradeable contracts. (1/5)

https://farcaster.xyz/phil/0x1aa4e6f9

Some of the biggest losses in crypto have been due to upgradeable contracts. Naively it sounds safer, but it adds a lot of complexity and attack surface.

If you're working on a contract, enable easy migration instead of upgradeability if possible. If you must, limit upgrading to the smallest components.

A doodler and computerer. I like permissive/permissionless open source, smart contracts, p2p systems, room-scale VR, and NixOS.

shazow.net

Currently: WhatsABI

This classic always comes to mind: https://diligence.consensys.io/blog/2019/01/upgradeability-is-a-bug/