From e47b53bce4991a3eb9ecdca59a82b9956a3f0699 Mon Sep 17 00:00:00 2001 From: Eric Lau Date: Sun, 9 Jul 2023 11:33:23 -0400 Subject: [PATCH] Improve BeaconProxy documentation for storage slot (#4438) --- contracts/proxy/beacon/BeaconProxy.sol | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/contracts/proxy/beacon/BeaconProxy.sol b/contracts/proxy/beacon/BeaconProxy.sol index 93e306884..14a8d1b66 100644 --- a/contracts/proxy/beacon/BeaconProxy.sol +++ b/contracts/proxy/beacon/BeaconProxy.sol @@ -10,11 +10,15 @@ import {ERC1967Utils} from "../ERC1967/ERC1967Utils.sol"; /** * @dev This contract implements a proxy that gets the implementation address for each call from an {UpgradeableBeacon}. * - * The beacon address is stored in storage slot `uint256(keccak256('eip1967.proxy.beacon')) - 1`, so that it doesn't - * conflict with the storage layout of the implementation behind the proxy. + * The beacon address can only be set once during construction, and cannot be changed afterwards. It is stored in an immutable + * variable to avoid unnecessary storage reads, and also in the beacon storage slot specified by + * https://eips.ethereum.org/EIPS/eip-1967[EIP1967] so that it can be accessed externally. * - * CAUTION: The beacon address can only be set once during construction, and cannot be changed afterwards. - * You must ensure that you either control the beacon, or trust the beacon to not upgrade the implementation maliciously. + * CAUTION: Since the beacon address can never be changed, you must ensure that you either control the beacon, or trust the + * beacon to not upgrade the implementation maliciously. + * + * IMPORTANT: Do not use the implementation logic to modify the beacon storage slot. Doing so would leave the proxy in an + * inconsistent state where the beacon storage slot does not match the beacon address. */ contract BeaconProxy is Proxy { // An immutable address for the beacon to avoid unnecessary SLOADs before each delegate call.