cargo-contract icon indicating copy to clipboard operation
cargo-contract copied to clipboard
verified publisher icon paritytech

Add `cargo contract upgrade` command

Open ascjones opened this issue 3 years ago • 6 comments

cargo contract upgrade $proxy-address $implementation-address --suri $account

Upgradeability is a well-known feature in the blockchain ecosystem: it allows a contract implementation to be modified, fixed, and improved without the need of deploying the new contract in a new address. Using a proxy pattern to implement upgradeability has its pros and cons (some are mentioned below).

This command should allow developers to upgrade a given proxy $proxy-address to a new implementation $implementation-address . To mitigate problems, this contract should check that:

  • The implementation's storage layout has not been corrupted. For this, it is necessary to persist the storage layout of the previous implementation, and to compare its storage layout against the new implementation's storage layout. More information about typical storage layout collisions can be found here.
  • The functions defined in the proxy contract and the ones defined in the implementation contract do not share any function selector, to avoid function selector collisions.
  • There are no shared keys between the proxy and the implementation: in other words, all the variables defined in the proxy contract should not collide with the variables defined in the implementation contract.

ascjones avatar Feb 23 '23 15:02 ascjones

As a pre-req for this, we'll probably want the underlying implementation of https://github.com/paritytech/cargo-contract/issues/101 done

HCastano avatar Feb 23 '23 15:02 HCastano

We may also want to split this issue up into two subcommands:

  • cargo contract upgrade proxy
  • cargo contract upgrade set_code_hash

The proxy command would need to:

  • Check for storage collisions/corruption in the new Logic contract
  • Check for selector clashes between Proxy and new Logic contract

The set_code_hash command would need t:

  • Check for storage collisions/corruption in the new Logic contract
  • Don't think function clashing would matter here since we're able to swap the contract entirely

HCastano avatar Feb 23 '23 19:02 HCastano

See https://github.com/OpenZeppelin/openzeppelin-upgrades/tree/master/packages/core/src/validate for inspiration

ascjones avatar Feb 24 '23 13:02 ascjones

I believe we need to address https://github.com/paritytech/ink/issues/1388 first

SkymanOne avatar Aug 28 '23 17:08 SkymanOne

I believe we need to address paritytech/ink#1388 first

This could be relevant: https://github.com/paritytech/ink/pull/1909

ascjones avatar Sep 13 '23 14:09 ascjones

Linking https://github.com/paritytech/ink/issues/1981, which would be useful for migration

ascjones avatar Nov 08 '23 11:11 ascjones