# selfdestruct in implementation contracts can permanently brick proxy systems If the implementation contract behind a proxy has an accessible `selfdestruct` (or `SELFDESTRUCT` opcode), calling it destroys the implementation's bytecode. Since [[delegatecall executes code from another contract using the callers storage context|delegatecall targets code at the implementation address]], the proxy's delegatecall will hit an empty address and every call will fail permanently. The [[parity wallet hack demonstrated that selfdestruct in implementation contracts permanently bricks proxy systems|Parity wallet hack]] ($280M frozen, 2017) is the canonical demonstration. Since [[selfdestruct was deprecated in solidity 0.8.18 via eip-6049]], this risk is diminishing for new contracts, but legacy code and older compiler versions remain vulnerable. --- Relevant Notes: - [[parity wallet hack demonstrated that selfdestruct in implementation contracts permanently bricks proxy systems]] — the canonical exploit - [[selfdestruct was deprecated in solidity 0.8.18 via eip-6049]] — the deprecation that reduces future risk - [[CREATE2 enables contract recreation at the same address with different bytecode when the constructor queries external state]] — selfdestruct clears addresses for potential recreation; the destruction side (this note) and the rebuild-and-exploit side (CREATE2) are complementary attack phases - [[CREATE2 enables metamorphic contract attacks by allowing a self-destructed contract to be redeployed with different bytecode at the same trusted address]] — extends this: the offensive pattern that weaponizes selfdestruct + CREATE2 to perform a bait-and-switch on trusted contract addresses in governance and DeFi protocols Topics: - [[vulnerability-patterns]]