Special thanks to Cláudio Silva, Danilo Tuler and Milton Jonathan for reviewing this article! Hello, my name is Guilherme. I've been part of the on-chain team behind Cartesi Rollups since late 2021. Since then, one topic that has always sparked my interest and that of fellow Cartesi contributors is upgradability. What are the trust assumptions at play? How can we minimize them, while also taking into consideration other aspects such as implementation complexity, UX, infrastructure costs, and L1 fees? Let's dig in. Introduction In the software industry, when a severe security vulnerability is reported and fixed, users are highly encouraged to upgrade to the patched version. On web2, users aren't often given much choice besides agreeing with the new terms and conditions. Users are, therefore,, often coerced to agree with the new terms, despite possible setbacks in privacy and transparency. This is even more severe with vendor lock-in practices, which are so common in this industry.