Why can a protocol silently swap the code under my funds without warning?
Opportunity
Most DeFi protocols use upgradeable proxy contracts where an admin key can replace the entire implementation in a single transaction. Users sitting in the protocol have no reliable way to detect that an upgrade is pending, verify what changed, or exit before the new code takes effect. OWASP added proxy and upgradeability vulnerabilities as a new category in its Smart Contract Top 10 for 2026, the first addition driven by governance failures rather than code-level bugs. In December 2025, Unleash Protocol lost $3.9M when an attacker exploited a multisig governance path to force an unauthorized upgrade and drain user funds. No standard exists across audit firms, protocols, or wallets for surfacing an impending upgrade to users with enough lead time to act.
Why it matters
An unannounced proxy upgrade is indistinguishable from an exploit at the moment it executes, and users currently have no primitive to tell the difference in time to matter.
How I score the opportunity
The Opportunity Score is my own read, not a measurement: how much it hurts, how often it bites, and how little exists to solve it today. Higher means I think it is more worth building.
How much pain it causes when it shows up.
How often people actually run into it.
How little good tooling exists for it today.
More problems worth solving
Why can't I prove I am solvent without showing my balance?
BlockchainWhy is moving money between chains still scarier than the early internet?
BlockchainWhy does compliance still mean a PDF and a prayer?
BlockchainWhy is self-custody still a choice between losing your keys and trusting a company?
BlockchainWhy does tokenizing a real asset still need ten middlemen?
BlockchainWhy can't a stablecoin pay someone with no internet?