[L-02] With only admin role can't acceptUpgrade or acceptUpgradeAndCall
The functions acceptUpgrade and acceptUpgradeAndCall have the ifAdminOrPendingImpl modifier, but it the sender it's the _admin the transcaction recerts the msg.sender == _pendingImplementation inside the _acceptUpgrade function
QA report
Low Risk
acceptUpgrade
oracceptUpgradeAndCall
Non-critical
require
statementLow Risk
[L-01] Wrong event parameter emit
The
_admin()
will be the new admin and not the old, save the old admin in a var and emit this one, like in_setImplementation
or_setPendingImplementation
functions[L-02] With only admin role can't
acceptUpgrade
oracceptUpgradeAndCall
The functions
acceptUpgrade
andacceptUpgradeAndCall
have theifAdminOrPendingImpl
modifier, but it the sender it's the_admin
the transcaction recerts themsg.sender == _pendingImplementation
inside the_acceptUpgrade
function[L-03] Mark as abstract
If the Governed.sol contract is deployed, will fail to initialize
Same with the GraphTokenUpgradeable.sol
Non-critical
[N-01] Missing error message in
require
statements[N-02] Unused imports
[N‑03] Non-library/interface files should use fixed compiler versions, not floating ones
[N‑04] Wrong function doc
Should be:
* NOTE: Only the admin and implementation can call this function.
like inadmin
function