Omniscia Myso Finance Audit

InitializableERC20 Manual Review Findings

IER-01M: Inexistent Exposure of Initializer

Description:

The InitializableERC20 lacks any internally accessible initializer, prompting derivative implementations to mutate the _decimals, _name, and _symbol data entries directly.

Example:

contracts/utils/InitializableERC20.sol
    contract InitializableERC20 is ERC20, Initializable {
        uint8 internal _decimals;
        string internal _name;
        string internal _symbol;

        constructor() ERC20("", "") {
            _disableInitializers();
        }

        function decimals() public view override returns (uint8) {
            return _decimals;
        }

        function name() public view override returns (string memory) {
            return _name;
        }

        function symbol() public view override returns (string memory) {
            return _symbol;
        }
    }

Recommendation:

As direct mutation of parent contract variables is an ill-advised programming pattern, we strongly advise the introduction of an explicit internally accessible initializer that can solely be invoked once, ensuring that the _decimals, _name, and _symbol data entries are updated properly and permitting them to be set as private.

Alleviation (d9eb549dcca601db1fa91336ebe4d08fa8f2908b):

The code was updated to properly expose an initializer and set the visibility of its internal variables to private, ensuring they can solely be mutated via the initializer and thus addressing this exhibit.