Setting an owner on upgradeable contracts without being able to call constructor

[treeder]

If the contract requires an owner, how can you securely set it to the deployers address when using upgradeable contracts? cc @benbjohnson

[benbjohnson]

IIRC, it sets the owner to the msg.sender when it gets created.

[jmank88]

@treeder The proxy constructor does run: https://github.com/gochain/web3/blob/master/assets/OwnerUpgradeableProxy.sol#L16

[treeder]

I mean the constructor of the underlying contract, that doesn't run right? (or if it does, the docs are wrong).

[jmank88]

AFAIK that is correct. Perhaps the contract would need to reference the proxy owner via keccak256("gochain.proxy.owner") to bootstrap its own owner, or to just use directly instead.

[treeder]

Maybe we should have the proxy call an init() function (if it exists), that can be used as a constructor. Otherwise, it seems to me that you'd have to deploy, then call functions a constructor would do, such as call setOwner. And that setOwner to be secure would have to have a defense in like if owner == address(0x0) then allow it so it can only be called once.

[treeder]

cc @brockmcblockchain

[jmank88]

An generalized init() solution might be possible, but if the only concern is managing an owner, then the target contract can reference the owner from the proxy contract with keccak256("gochain.proxy.owner") because they share the same state.

[treeder]

It's not just owner, it's anything you'd put in a constructor. That's just a common one.

[treeder]

Alternatively, can we figure out a way to call the constructor?

[jmank88]

AFAIK running the constructor of the target contract against the state of the proxy contract is not possible. It does run when the target is deployed, but against its own state, not the proxy state.