Factory

Overview

The Factory contract is a generalized deployment mechanism for creating upgradeable proxy instances of pre-approved implementations. It tracks multiple implementation versions, proposal workflows, blacklisting for security, and ownership-based access control.

It conforms to the IFactory interface and supports deploying any IFactoryEntity-compliant contracts via TransparentUpgradeableProxy, using initialize() for configuration.

Key Capabilities

  • Versioned Deployment: Track multiple logic contract versions, each deployable by index.

  • Proposal System: Allow anyone to propose implementations, with owner approval required.

  • Blacklist Mechanism: Prevent deployment of insecure or deprecated versions.

  • Deterministic Deployments: Uses create2 salt to ensure predictable addresses.

  • Entity Tracking: Keeps a registry of all deployed entities.

Storage Structure

The contract uses a deterministic storage layout via:

bytes32 _factoryStorageSlot = SlotLibrary.getSlot("Factory", name_, version_);

Storage fields (in FactoryStorage) include:

Field
Description

entities

Set of all deployed proxy instances

implementations

Approved logic contract addresses

proposals

Pending implementation proposals

isBlacklisted

Mapping from version → is blacklisted

Initialization

function initialize(bytes calldata data) external initializer
  • Accepts encoded owner address

  • Sets initial admin and emits Initialized

Entity Deployment

function create(uint256 version, address owner, bytes calldata initParams) external returns (address instance)

Deploys a new TransparentUpgradeableProxy:

  • Uses implementation from implementations.at(version)

  • Rejects if version is out-of-bounds or blacklisted

  • Uses salt = keccak256(version, owner, initParams, currentEntityCount) for deterministic deployment

  • Calls initialize(initParams) on the new proxy

Emits:

event Created(address instance, uint256 version, address owner, bytes initParams);

Implementation Management

Propose New Implementation

function proposeImplementation(address implementation) external
  • Fails if already in implementations or proposals

  • Adds to proposals

  • Emits: ProposeImplementation(implementation)

  • Permissionless function

Accept Proposed Implementation

function acceptProposedImplementation(address implementation) external onlyOwner
  • Only callable by owner

  • Fails if not proposed

  • Moves from proposalsimplementations

  • Emits: AcceptProposedImplementation(implementation)

Blacklisting

function setBlacklistStatus(uint256 version, bool flag) external onlyOwner
  • Blocks deployments using specific version

  • Enforces that version index exists

  • Emits: SetBlacklistStatus(version, flag)

View Functions

Function
Returns

entities()

Total number of deployed entities

entityAt(index)

Deployed entity at index

isEntity(address)

Checks if address is a deployed entity

implementations()

Total implementation count

implementationAt(index)

Implementation at index

proposals()

Total proposals pending approval

proposalAt(index)

Proposal at index

isBlacklisted(version)

Whether a version is blocked from deployment

Access Control

  • Uses OwnableUpgradeable

  • Only owner can accept implementations and blacklist versions

Security Considerations

  • Immutable logic whitelist: Only approved contracts can be deployed

  • Blacklisting: Emergency response for vulnerabilities

  • Replay protection: Deployment salt ensures unique addresses

  • Decentralized proposals: Anyone can propose implementations, but only owner can accept

Last updated