Omniscia Sovryn Audit
InitializableReentrancyGuard Manual Review Findings
IRG-01M: Inconsistent Initialization Guard
Type | Severity | Location |
---|---|---|
Logical Fault | Minor | InitializableReentrancyGuard.sol:L25-L33 |
Description:
The `_initialize` function is not protected against repeat invocations, in contrast to `InitializableOwnable.sol`.
Example:
contracts/helpers/InitializableReentrancyGuard.sol
```solidity
function _initialize() internal {
    // Storing an initial non-zero value makes deployment a bit more
    // expensive, but in exchange the refund on every call to nonReentrant
    // will be lower in amount. Since refunds are capped to a percentage of
    // the total transaction's gas, it is best to keep them low in cases
    // like this one, to increase the likelihood of the full refund coming
    // into effect.
    _notEntered = true;
}
```
Recommendation:
Should the system be changed to the `uint256` system according to the data type exhibit, we advise the `_initialize` function to be guarded against such repeat invocations by ensuring that the value of the flag is `0`.
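One way to implement the guard this recommendation describes, as an added example that is not code from the Sovryn codebase or from the audit. The contract name, constant names, revert strings and compiler pragma are assumptions chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0; // assumed compiler version, not taken from the audited code

// Illustrative contract; all names below are hypothetical.
abstract contract GuardedInitializableReentrancyGuard {
    // A fresh storage slot reads as 0, so 0 doubles as "never initialized".
    uint256 private constant _UNINITIALIZED = 0;
    uint256 private constant _NOT_ENTERED = 1;
    uint256 private constant _ENTERED = 2;

    uint256 private _status;

    // Can only succeed once: after the first call _status is 1 or 2,
    // never 0 again, so a repeat call reverts instead of resetting
    // the flag while a nonReentrant function is executing.
    function _initialize() internal {
        require(
            _status == _UNINITIALIZED,
            "ReentrancyGuard: already initialized"
        );
        _status = _NOT_ENTERED;
    }

    modifier nonReentrant() {
        // Rejects both a reentrant call (_status == 2) and use before
        // initialization (_status == 0).
        require(
            _status == _NOT_ENTERED,
            "ReentrancyGuard: reentrant call or not initialized"
        );
        _status = _ENTERED;
        _;
        // Restoring a non-zero value keeps the slot "dirty", which is the
        // gas-refund rationale given in the original code comment.
        _status = _NOT_ENTERED;
    }
}
```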
Alleviation:
The development team has acknowledged this exhibit but decided to not apply its remediation in the current version of the codebase.