Closed code423n4 closed 2 years ago
rfa
https://github.com/code-423n4/2022-01-openleverage/blob/main/openleverage-contracts/contracts/XOLE.sol#L34-L53 the comment said it expected to not be called multiple time. but nothing is prevent it to called multiple time. i think, instead of using initialize function, just put them all in the constructor which is currently empty
initialize
put them in constructor
constructor
Not see any risk of this. Recommend severity 0 (Non-critical)
Duplicate of #67
initialize function is necessary for proxy deployments.
Handle
rfa
Vulnerability details
Proof of Concept
https://github.com/code-423n4/2022-01-openleverage/blob/main/openleverage-contracts/contracts/XOLE.sol#L34-L53 the comment said it expected to not be called multiple time. but nothing is prevent it to called multiple time. i think, instead of using
initialize
function, just put them all in the constructor which is currently emptyRecommended Mitigation Steps
put them in
constructor