The proxy does not upgrade logic suddenly. Instead, it sets nextLogic and keeps it for a month.
bytes32 internal constant NEXT_LOGIC_SLOT = 0xb182d207b11df9fb38eec1e3fe4966cf344774ba58fb0e9d88ea35ad46f3601e; // eip1984.proxy.nextLogic
bytes32 internal constant NEXT_LOGIC_BLOCK_SLOT = 0x96de003e85302815fe026bddb9630a50a1d4dc51c5c355def172204c3fd1c733; // eip1984.proxy.nextLogicBlock
Until chain reaches the block defined in NEXT_LOGIC_BLOCK_SLOT, nextLogic can be reviewed and cancelled, and in case if developers or governance being malicious, it allows investors to safely exit before a malicious upgrade.
Also, there is an optional DEADLINE_SLOT, a block after which it becomes impossible to upgrade the contract.
bytes32 internal constant DEADLINE_SLOT = 0xb124b82d2ac46ebdb08de751ebc55102cc7325d133e09c1f1c25014e20b979ad; // eip1984.proxy.deadline
Value stored in PROPOSE_BLOCK_SLOT defines when setting nextLogic again will become possible and the period can be prolonged with prolongLock(): for example, if there is no upgrade planned anytime soon, next upgradeBlock can be set so that it will only be possible to upgrade the contract again after a year passes. This creates investors piece of mind, as they won’t be required to audit the code every single month.
bytes32 internal constant PROPOSE_BLOCK_SLOT = 0xbc9d35b69e82e85049be70f91154051f5e20e574471195334bde02d1a9974c90; // eip1984.proxy.proposeBlock
This file has been truncated.
pragma solidity >=0.7.0 <0.9.0;
// EIP-1984: this is big for DeFi, but certainly not as big for eips in general, either way I hope it becomes a standard which will allow to easily distinguish
// genuine anonymous devs from scammers.
// OpenZeppelin Upgradeability contracts modified by Sam Porter. Proxy for Nameless Protocol contracts
// You can find original set of contracts here: https://github.com/OpenZeppelin/openzeppelin-contracts/tree/master/contracts/proxy
// Had to pack OpenZeppelin upgradeability contracts in one single contract for readability. It's basically the same OpenZeppelin functions
// but in one contract with some differences:
// 1. DEADLINE is a block after which it becomes impossible to upgrade the contract. Defined in constructor and here it's ~2 years.
// Maybe not even required for most contracts, but I kept it in case if something happens to developers.
// 2. PROPOSE_BLOCK defines how often the contract can be upgraded. Defined in _setNextLogic() function and the interval here is set
// to 172800 blocks ~1 month.
// 3. Admin rights are burnable. Rather not do that without deadline
// 4. prolongLock() allows to add to UPGRADE_BLOCK. Basically allows to prolong lock. Could prolong to maximum solidity number so the deadline might not be needed
// 5. logic contract is not being set suddenly. it's being stored in NEXT_LOGIC_SLOT for a month and only after that it can be set as LOGIC_SLOT.
// Users have time to decide on if the deployer or the governance is malicious and exit safely.
// It fixes "upgradeability bug" I believe.