Upgradability

Mantle LSP uses a standard implementation for contract upgradability. This implementation is provided by the OpenZeppelin TransparentUpgradableProxy contracts.

• The proxy contract is the contract users and other system components interact with, all data is stored in the proxy contract.

• The implementation contract (without proxy name) is the core logic, but stores no data.

• Upgrading involves deploying a new implementation contract, and pointing the proxy contract to that new contract. The proxy contract address will not change.

For more information, see:

• Upgrades via the proxy pattern

• Transparent proxies

Timelock

To ensure that Mantle governance cannot make contract upgrades instantly, the LSP protocol uses a Timelock controller to add a delay to the process. This ensures:

• Users have a chance to exit the protocol if they disagree with a proposed upgrade.

• A compromise of the governance process cannot introduce a malicious upgrade without a delay.

The timelock contract is the only proxy admin for all other contracts, meaning upgrades must be done through the timelock mechanism. The timelock implementation is the standard OpenZeppelin TimelockControler (v4.8.2).

Note that changing the delay with the updateDelay function is also subject to the delay configured on the contract. This enforces that lowering the time delay is also subject to the initial delay.

For more information, see:

• Timelock governance

• Timelock Controller contract

• Mantle LSP's deployed Timelock at 0xc26016f1166bE7b6c5611AAB104122E0f6c2aCE2