I'm curious what the general recommendation is around using onlyProxy
to protect direct calls to the implementation contract.
It is my understanding that the only way the implementation contract could interfere with the proxy is via some combination of selfdestruct
, delegatecall
and callcode
. So it seems as long as a function never executes any of these instructions, there is no way it can influence the proxy, and the onlyProxy
modifier is not needed.
In conclusion, would you consider the following rule to be secure?
Use
onlyProxy
for any function of the implementation contract that may executeselfdestruct
,delegatecall
orcallcode
. Otherwise,onlyProxy
is not needed.
Thanks!