Proxy Contract Upgrade Attacks Explained: How Upgrade Patterns Became Attack Vectors
Proxy contract upgrade attacks exploit the separation between a proxy contract and its logic implementation — when an attacker gains control of the upgrade function, they can replace trusted logic with malicious code and drain every contract in the system. Learn how the Parity Wallet multi-sig freeze, the Wormhole initialization bug, and the Uranium Finance 72x bug worked — why delegatecall is dangerous, how storage slot collisions enable hidden exploits, and what the UUPS vs Transparent vs Beacon proxy patterns mean for security.