Welcome to the discussion thread about this lecture section. Here you can feel free to discuss the topic at hand and ask questions.
2 Likes
Cool. First! 
Regarding Proxy Contracts, THIS is exactly what I was trying to get at in the ETH 201 course when I was talking about dependency injection. A proxy is a different way of accomplishing the same thing. External contract calls are rather expensive on gas though, so I’d imagine this is used sparingly.
It also occurs to me the increased risk with smart contract programming is in a way a good thing. This forces developers to adopt much better habits. Testing and security are top priorities, so must be considered right from the beginning. This makes better developers.
5 Likes
Hi @filip ,
i have done the Quiz: Developer Mindset and don’t agree with the correct answers:
What is different between smart contract programming and normal programming?
-
Smart Contracts handle money
Any existing bank-software used is also handling money since many decades.
I would not argue that the software written decades ago are not “normal programming” -
Smart Contract systems are public
I do not argue that a blockchain must be public, therefore i also do not argue that smart contract system are always public. They could also be non-public.
3 Likes
Is there a list of solid sources with distilled information to stay up to date on these topics?
I see a mailing list for Truffle/Ganache https://www.trufflesuite.com/docs/truffle/reference/contact-the-developers
Solidity bugs - https://securityboulevard.com/2020/05/solidity-top-10-common-issues/
I would almost assume there would be a site dedicated to this.
Yes, this is one good way to keep yourself updated
Not sure how filtered this is but its not wrong but also not coming directly from the community
you can follow consensys blogs: https://diligence.consensys.net
For solidity: documentation is good enough
Also, you can follow Ivan on Tech youtube channel everyday 
Pretty sure you are already doing that.
At the same time. stay with as many forum as you can
1 Like
This Proxy functionality is good to have if it can be entierly trusted. It sort of defeat the object of immutable contracts, When you can have such an easy workaround that could potentially benefit a few with a lot of coin in their wallets long term. And how do you check if a contract includes proxy call functions in its infancy?
In my humble opinion, A Proxy functionality should only be called upon after rigorous process protocols have been adhered to. Maybe have a proxy stearing group in each smart contract to agree and sign off before a proxy can be implemented/deployed. 
Do most contracts have this redirect to another contract as back-up or is it mostly for high finance security?
Upgradable contracts should be considered for complex contract (especially if they handle coins) so that you can jump in and fix a bug as soon as you find it.
Is there a dev community where we can tune into regarding Solidity updates? Or basically an active community about smart contract programming in general? I mean, in Reddit they have communities for languages like C++, JS, etc. I saw an Ethereum dev community but it’s not as active as other communities. I wonder if smart contract devs are flocking somewhere else?
Hey @danielmain
You can usually see smart contracts byte code and you can decompile it but you will get something not really close to a readable contract
Developers decide if make the code public by posing it on GitHub and etherscan.
Cheers,
Dani
1 Like
Oh I thought the reason a smart contract is on the blockchain is because it has to be public not just the byte code.
Thank you
1 Like
In the proxy contract setup, how do developers get all state variable information and implement to the newly created contract? How do they make the new contract up-to-date?
Using delegate call, the function is called in the functional contract but the variable state is saved in the proxy contract.
This means you can update the functional contract address the proxy is interacting with and you will have new functions and still holding the old data.
1 Like
Hello all,
I was wondering if you know about any real-world use cases that managed to handle a bug by pausing the contract. Would be interesting to see how this works in the real world.
Thanks for any additions.
yestome
I know that there are many contracts that has used the pausing ability for fixing bugs.
here is an example:
https://www.reddit.com/r/ethereum/comments/glz8cx/tbtc_contract_paused_after_2_days/
Also this one might be an interesting reading about the subject: https://medium.com/@danielque/what-we-learned-from-auditing-the-top-20-erc20-token-contracts-7526ef3b6fb1
Carlos Z
2 Likes
Thanks Carlos,
Interesting links, especially the second one with a more indepth analysis of what pausability can imply.
1 Like
Are memory function parameters stored on chain or accessible in any way?
Say we have a function like this:
function doSomethingWithString(string memory phrase) public view {
// do something with phrase
}
After the function completes, is the string passed into the phrase variable accessible in any way?