Abstract

Smart contracts have been developed and employed in both permissioned and permissionless blockchains recently, mainly to enforce agreements among parties without the need for intermediaries. This achievement is the result of blockchain immutability which guarantees that no party can alter the conditions of an already deployed contract. However, immutability also makes patching or updating contracts impossible even when incorrectness, unfairness, or security flaws are spotted in them. So far, researchers in academia and industry have developed two main methods, data segregation and proxy storage, with six patterns to make deployed contracts upgradable. However, until now, there has been no comprehensive framework that can simultaneously offer upgradability, security resilience, and scalability features. For example, none of the existing solutions have implemented any security mechanism that can resist attacks such as the DAO one. Through extensive analysis and implementation of all these patterns, and taking state-of-the-art attacks on the Ethereum network into consideration, we propose our innovative framework, “Comprehensive-Data-Proxy pattern” which uses data segregation on the top of proxy pattern, that can completely defend against any types of Reentrancy attacks. Additionally, this solution mitigates the scalability issue of the proxy pattern. Our experiments show that the framework can address these two issues with negligible impact on performance.