Smart Contract Upgrades

How can you detect an upgradable Smart Contract and who is enabled to implement upgrades (has admin function)?


IF you want to get this upgrade information, May be you can try symbolic execution

1 Like

@jie_cai thanks so much for the solution. Do you mind elaborating on why it would work?

The symbolic execution technology is a traditional program static analysis method. It can calculate the condition for each branch in your code

Here is the example:

The code will exit EXIT_FAILURE as when input satisfy:

Then use a Theorem Prover (e.g. Z3 ) can get the x,y which satisfy the above constraint.

So when you analyze a smart contract by symbolic execution, you can get call constraints of the delegatecall.


Could you explain this approach on a more high-level basis? As I understand it, you simulate the smart contract logic by using a tool called symbolic execution which outputs a certain value [EXIT_FAILURE], if the smart contract doesn‘t contain any delegate calls to upgrade the contract? Is that right?

1 Like