Opin vísindi

Immutable Yet Mutable : Empirical Studies in Smart Contract Upgradeability

Title: Immutable Yet Mutable : Empirical Studies in Smart Contract Upgradeability
Author: Qasse, Ilham Ahmed
Advisor: Hamdaqa, Mohammad; Jónsson, Björn Þór
Date: 2024-12-31
Language: English
Scope: 241
Department: Department of Computer Science
ISBN: 978-9935-539-55-7
Subject: Doctoral theses; Computer science; Software; Smart Contract; Upgradeability; Blockchain Technology; Immutability; Ethereum; Software Maintenance; Proxy Patterns; Decentralized Applications (DApps)
URI: https://hdl.handle.net/20.500.11815/5377

Citation:

Qasse, I A 2024, 'Immutable Yet Mutable : Empirical Studies in Smart Contract Upgradeability', Doctor, Reykjavik University, Reykjavík.

Abstract:

Smart contracts have the potential to revolutionize business processes by digitizing agreements, reducing transaction costs, and enhancing security. However, while enabling trust and reliability, their immutable nature poses significant challenges when updates are necessary to address bugs or adapt to evolving requirements. Despite the introduction of various upgrade mechanisms, there remains a lack of comprehensive understanding of their characteristics, practical usage, limitations, and impact on security and user trust. Moreover, empirical studies analyzing these upgrade practices' real-world adoption and security implications are scarce. This Ph.D. thesis addressed these gaps by systematically examining smart contract upgrade approaches, focusing on clarifying definitions, assessing practical usage, identifying limitations, and evaluating security implications. The core contributions of this thesis were as follows: (i) conducted a Multivocal Literature Review (MLR) to identify and systematically classify existing smart contract upgrade approaches, their characteristics, benefits, limitations, and best practices; (ii) developed PROXiFY, a bytecode-based tool that detects and classifies upgradeable contracts, assisting developers and users in identifying upgradeability features; (iii) performed a large-scale empirical analysis of over 44 million Ethereum contracts to evaluate the prevalence and practical adoption of upgrade approaches; (iv) analyzed the security implications of upgrades, examining how they addressed vulnerabilities and introduced new risks; and (v) introduced EvoChain, a framework for tracking smart contract evolution and upgrade history, enhancing transparency and supporting security assessments. The findings of this thesis provide a comprehensive understanding of smart contract upgradeability. 
The MLR identified 17 unique upgrade approaches, which were categorized into structured classifications, each analyzed for its characteristics, benefits, and limitations. The empirical analysis demonstrated that only 3% of Ethereum contracts were upgradeable, yet these contracts collectively managed substantial economic value, underscoring their importance in the blockchain ecosystem. The security evaluation revealed that while 38% of upgrades effectively mitigated vulnerabilities, 62% either failed to address existing issues or introduced new vulnerabilities, highlighting the challenges of balancing adaptability with security. These findings provide actionable insights and practical tools to improve the transparency, security, and reliability of smart contract upgrade practices.
