I've been working with OpenZeppelin's TransparentUpgradeableProxy in conjunction with the Hardhat Upgrades plugin and noticed a potential redundancy that I'd like to discuss.
When deploying a transparent upgradeable proxy using the Hardhat Upgrades plugin, the plugin first deploys a ProxyAdmin contract:
Subsequently, the TransparentUpgradeableProxy is deployed, and its constructor, as defined in OpenZeppelin's contracts, also deploys its own ProxyAdmin:
This results in two ProxyAdmin contracts being deployed: one by the Hardhat Upgrades plugin and another by the TransparentUpgradeableProxy constructor.
My questions are:
Is this redundancy intentional? If so, what's the rationale behind having two separate ProxyAdmin contracts for a single proxy?
If this is not intentional, is there a recommended way to ensure only one ProxyAdmin is deployed and associated with the proxy?
Has anyone else encountered this situation, and how did you address it?
I appreciate any insights or recommendations on this matter. Thank you!
TransparentUpgradeableProxy: Admin is now stored in an immutable variable (set during construction) to avoid unnecessary storage reads on every proxy call. This removed the ability to ever change the admin. Transfer of the upgrade capability is exclusively handled through the ownership of the ProxyAdmin. (#4354)
Make sure that you're using a HardHat version which is compatible with this OpenZeppelin version.
@max The Hardhat Upgrades plugin currently deploys this version of the TransparentUpgradeableProxy from OpenZeppelin Contracts v4. This version takes the proxy admin as a constructor parameter, so there is no redundancy.
In OpenZeppelin Contracts v5, TransparentUpgradeableProxy indeed deploys its own proxy admin. This version is not deployable by the Hardhat Upgrades plugin at the moment, but we plan to add support for this in this issue.
If you want to use v5 proxy contracts for now, you would need to deploy them without the plugin, then import them using upgrades.forceImport.
The two responses look exactly the same to me - they both tell you that OZ v5 has changed the related API, and that your HH version is probably incompatible with this API change, so you should either upgrade your HH version, or downgrade your OZ version.