Omniscia Sovryn Audit

InitializableReentrancyGuard Manual Review Findings

InitializableReentrancyGuard Manual Review Findings

IRG-01M: Inconsistent Initialization Guard

Description:

The _initialize function is not protected against repeat invocations in contrast to InitializableOwnable.sol.

Example:

contracts/helpers/InitializableReentrancyGuard.sol
25function _initialize() internal {
26 // Storing an initial non-zero value makes deployment a bit more
27 // expensive, but in exchange the refund on every call to nonReentrant
28 // will be lower in amount. Since refunds are capped to a percetange of
29 // the total transaction's gas, it is best to keep them low in cases
30 // like this one, to increase the likelihood of the full refund coming
31 // into effect.
32 _notEntered = true;
33}

Recommendation:

Should the system be changed to the uint256 system according to the data type exhibit, we advise the _initialize function to be guarded against such repeat invocations by ensuring that the value of the flag is 0.

Alleviation:

The development team has acknowledged this exhibit but decided to not apply its remediation in the current version of the codebase.