Omniscia Alliance Block Audit

DiamondCutSimpleFacet Manual Review Findings

DCS-01M: Potentially Dangerous Similarity

Description:

The diamondCut functions of DiamondCutGovernableFacet and DiamondCutSimpleFacet share the same name but take different input arguments, which permits both to be exposed simultaneously by the same Diamond instance.

Example:

contracts/facets/DiamondCutSimpleFacet.sol
/// @notice Add/replace/remove any number of functions and optionally execute
///         a function with delegatecall
/// @param _diamondCut Contains the facet addresses and function selectors
/// @param _init The address of the contract or facet to execute _calldata
/// @param _calldata A function call, including function selector and arguments
///                  _calldata is executed with delegatecall on _init
function diamondCut(FacetCut[] calldata _diamondCut, address _init, bytes calldata _calldata)
    external override
{
    LibDiamond.diamondCut(_diamondCut, _init, _calldata);
}

Recommendation:

We advise relocating the simple version of the diamond cut to a test file, as it contains no access control.

Alleviation:

The Alliance Block team stated that the contract is immediately removed post-deployment and the governable version is introduced in its place as evidenced by the deployment scripts present in the repository. As the signature similarity remains, we will retain this exhibit as acknowledged to ensure the Alliance Block team considers it in all future updates of the codebase.
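One way to verify after deployment that only the governable cut remains routed is sketched below; this is an added example, not code from the audit or from the Alliance Block repository. It assumes the Diamond exposes the EIP-2535 loupe function facetAddress(bytes4) and that FacetCut follows the EIP-2535 reference layout (the page does not show the struct); the contract name DiamondCutExposureCheck is hypothetical, and the governable selector is supplied by the caller because its signature is not shown on the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumption: FacetCut uses the EIP-2535 reference layout, so the selector
// derived here matches the unguarded signature shown in the exhibit.
interface ISimpleDiamondCut {
    enum FacetCutAction { Add, Replace, Remove }
    struct FacetCut {
        address facetAddress;
        FacetCutAction action;
        bytes4[] functionSelectors;
    }
    function diamondCut(FacetCut[] calldata _diamondCut, address _init, bytes calldata _calldata) external;
}

// EIP-2535 loupe function; assumed to be exposed by the Diamond under test.
interface IDiamondLoupe {
    function facetAddress(bytes4 _functionSelector) external view returns (address facetAddress_);
}

// Hypothetical post-deployment check, intended for a test suite or deploy script.
contract DiamondCutExposureCheck {
    // Selector of the diamondCut variant that has no access control.
    bytes4 public constant SIMPLE_CUT = ISimpleDiamondCut.diamondCut.selector;

    // Returns the facet each diamondCut variant is routed to; address(0) means "not exposed".
    function routes(address diamond, bytes4 governableCut)
        public view returns (address simpleFacet, address governableFacet)
    {
        // Same name with different arguments must give a different selector;
        // an equal value means the caller passed the unguarded selector by mistake.
        require(governableCut != SIMPLE_CUT, "governable selector equals simple selector");
        simpleFacet = IDiamondLoupe(diamond).facetAddress(SIMPLE_CUT);
        governableFacet = IDiamondLoupe(diamond).facetAddress(governableCut);
    }

    // Reverts unless the unguarded cut is gone and the governable cut is installed.
    function assertOnlyGovernable(address diamond, bytes4 governableCut) external view {
        (address simpleFacet, address governableFacet) = routes(diamond, governableCut);
        require(simpleFacet == address(0), "unguarded diamondCut still routed");
        require(governableFacet != address(0), "governable diamondCut not installed");
    }
}
```

Running assertOnlyGovernable as the final step of the deployment script, and again after every later upgrade, catches the case where both variants end up exposed by the same Diamond.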