Omniscia vfat Audit

Sickle Manual Review Findings

SEL-01M: Improper Initialization Disable Methodology

Description:

The Sickle::constructor applies the same Initializable::initializer modifier as the Multicall::constructor, which is redundant, and additionally invokes the initializers of the SickleStorage dependency with zero-value arguments.

Example:

contracts/Sickle.sol
/// @param sickleRegistry_ Address of the SickleRegistry contract
constructor(
    SickleRegistry sickleRegistry_
) initializer Multicall(sickleRegistry_) {
    _Sickle_initialize(address(0), address(0));
}

Recommendation:

We advise that our recommendation for Multicall on disabling the initializers be applied, and that this contract not invoke any further statements, as initialization will have been adequately blocked by the Multicall dependency.

Alleviation (6ab7af3bb495b817ffec469255ea679b1813eecb):

The code was updated to disable initializers via the Initializable::_disableInitializers pathway, standardizing the mechanism via which initialization and re-initialization are disabled.
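
A sketch of the pattern the recommendation and alleviation describe, added here as an illustration and not taken from the audited repository. The contract names (ExampleStorage, ExampleBase, ExampleDerived), their fields and the initialize signature are hypothetical stand-ins, and OpenZeppelin's upgradeable Initializable is assumed as the base:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration: hypothetical contracts, not the audited code.
import {Initializable} from
    "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";

// Stand-in for a storage dependency whose initializer must only run
// inside a real initialization, never from the implementation constructor.
abstract contract ExampleStorage is Initializable {
    address public owner;
    address public approved;

    function _ExampleStorage_initialize(address owner_, address approved_)
        internal
        onlyInitializing
    {
        owner = owner_;
        approved = approved_;
    }
}

// Stand-in for the base dependency: it alone locks the implementation.
abstract contract ExampleBase is Initializable {
    address public immutable registry; // assumption: kept as an immutable

    constructor(address registry_) {
        registry = registry_;
        // Raises the initialized version to its maximum, so both
        // `initializer` and `reinitializer(n)` functions revert on the
        // implementation. An `initializer` modifier on the constructor
        // would only set the version to 1.
        _disableInitializers();
    }
}

// Stand-in for the derived contract: no `initializer` modifier on the
// constructor and no zero-value initializer call in its body.
contract ExampleDerived is ExampleStorage, ExampleBase {
    constructor(address registry_) ExampleBase(registry_) {}

    // Runs once per proxy or clone, whose own storage starts uninitialized.
    function initialize(address owner_, address approved_) external initializer {
        _ExampleStorage_initialize(owner_, approved_);
    }
}
```

Calling initialize directly on a deployed ExampleDerived implementation reverts, while the same call through a fresh proxy or clone succeeds exactly once.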