What Is A Proxy Contract And How To Identify One On A Quick Intel Scan?
Sep 22, 2023
Crypto 101
Have you seen a Quick Intel audit that shows a potential risk for a Proxy Contract? Have you wondered what a proxy contract is and what risks it could represent?
Quick Intel’s Contract Scanner is available on the Web, Android, and IOS. It is free to use and can scan contracts on 26 different chains! We also have two additional holder or subscriber tiers that unlock additional features to make your research easier and faster.
Let’s dig into proxy contracts!
What Is A Proxy Contract?
Essentially, the token’s contract is passing some of the work off to another contract that lives behind the scenes as seen in the diagram below.
To understand this a bit better, think about going to the grocery store to buy some generic “Jim’s Grocery Salsa”. The grocery store is like a proxy contract. It works with distributors behind the scenes to source the salsa and slap the “Jim’s Grocery” label on the salsa. From a buyer’s perspective, you have limited visibility into whether the grocery store switched distributors as the salsa is always named “Jim’s Grocery Salsa”. With this example in mind, take another look at the diagram above.
“Ok, I understand the concept, but why should I care?” Great question! Let’s dig in a little deeper.
What Are The Risks And Benefits Of A Proxy Contract?
If you have read our other Quick Intel blogs, you may have noticed that some contract features can be used for good and bad purposes. A proxy contract is an example of this. Understanding the benefits and risks of a proxy contract can be confusing, so let’s provide a couple of examples.
Let’s look at why a project may wish to have a proxy contract:
The main reason to use a proxy contract is to allow seamless upgradability. A “V2” is not required if something needs to be changed in the token’s contract as the “behind the scenes” contract can be updated or switched out without requiring a relaunch of the token’s contract. You may see a proxy contract being used when the project plans to allow a DAO or community voting to decide the direction of the project and that direction requires changes to the contract.
That sounds great! Everyone loves upgrades! Not so fast... There is a potential dark side to proxy contracts:
While having the ability to upgrade a contract without relaunching could be beneficial, that only becomes true if the project’s team has the holder’s interest at heart. This upgradability comes at the risk of a project being able to put whatever they wish in the 2nd contract. An example of this is the 2nd contract could be “upgraded” to steal all of the tokens in your wallet, reroute sell profit to their wallets or any other token risk you have seen.
It is important to note that both the token’s contract (the proxy) as well as the 2nd contract could be renounced, which would remove some of the risk by not allowing the 2nd contract to be changed.
Unfortunately, what is typically seen is the token’s contract (the proxy) is renounced which makes the potential holder believe it is safe without realizing the 2nd contract even exists.
How Do I Know If A Token’s Contract Is A Proxy?
Quick Intel’s scanner displays a simple “Yes” or “No” to show if the token’s contract is a proxy. The next step is to DYOR with the project to understand if there is a legitimate reason for this or if the project is merely planning to scam you at a later point.