Dria

Swan
NFTHardhat
21,000 USDC
View results
Submission Details
Severity: low
Invalid

Lack of `__UUPSUpgradeable_init` Call in Initialize functions

Summary

The initialize function in the contract does not call the __UUPSUpgradeable_init initializer function. Although the __UUPSUpgradeable_init hook is currently empty, best practices for upgradeable contracts suggest including this call in case future implementations require it. The absence of this call in all the contract could lead to missed initialization steps in future versions of the contract, potentially creating upgrade-related issues and deviating from standard practices.

Impact

This vulnerability presents a low risk but introduces a potential upgrade hazard that could affect the contract’s security and functionality over time. Specifically, if future upgrades depend on the __UUPSUpgradeable_init function, the lack of this call in earlier initializations could result in improper setup or vulnerabilities.

Recommendations

Add the __UUPSUpgradeable_init() call in the initialize function to ensure all inherited initializers are called

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Known issue

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.