I am making an attempt to grasp the safety and dangers behind L2s. On l2beat.com, the factor that sounds most scary to me is the upgradeability. For many L2s, together with Arbitrum, it says “Funds might be stolen if a contract receives a malicious code improve. There isn’t a delay on code upgrades (CRITICAL).”
Am I understanding this accurately that they may simply deploy an improve to their contract that enables them to instantly steal all of the funds?
I actually hope I am misinterpreting or lacking one thing there, as this may clearly be an enormous crimson flag.