Skip to main content

Overview

The Factory contract is a generalized deployment mechanism for creating upgradeable proxy instances of pre-approved implementations. It tracks multiple implementation versions, proposal workflows, blacklisting for security, and ownership-based access control. It conforms to the IFactory interface and supports deploying any IFactoryEntity-compliant contracts via TransparentUpgradeableProxy, using initialize() for configuration.

Key Capabilities

  • Versioned Deployment: Track multiple logic contract versions, each deployable by index.
  • Proposal System: Allow anyone to propose implementations, with owner approval required.
  • Blacklist Mechanism: Prevent deployment of insecure or deprecated versions.
  • Deterministic Deployments: Uses create2 salt to ensure predictable addresses.
  • Entity Tracking: Keeps a registry of all deployed entities.

Storage Structure

The contract uses a deterministic storage layout via:
Storage fields (in FactoryStorage) include:

Initialization

  • Accepts encoded owner address
  • Sets initial admin and emits Initialized

Entity Deployment

Deploys a new TransparentUpgradeableProxy:
  • Uses implementation from implementations.at(version)
  • Rejects if version is out-of-bounds or blacklisted
  • Uses salt = keccak256(version, owner, initParams, currentEntityCount) for deterministic deployment
  • Calls initialize(initParams) on the new proxy
Emits:

Implementation Management

Propose New Implementation

  • Fails if already in implementations or proposals
  • Adds to proposals
  • Emits: ProposeImplementation(implementation)
  • Permissionless function

Accept Proposed Implementation

  • Only callable by owner
  • Fails if not proposed
  • Moves from proposalsimplementations
  • Emits: AcceptProposedImplementation(implementation)

Blacklisting

  • Blocks deployments using specific version
  • Enforces that version index exists
  • Emits: SetBlacklistStatus(version, flag)

View Functions

Access Control

  • Uses OwnableUpgradeable
  • Only owner can accept implementations and blacklist versions

Security Considerations

  • Immutable logic whitelist: Only approved contracts can be deployed
  • Blacklisting: Emergency response for vulnerabilities
  • Replay protection: Deployment salt ensures unique addresses
  • Decentralized proposals: Anyone can propose implementations, but only owner can accept