search

code-423n4 / 2023-07-lens-findings

0 stars 0 forks source link

The initialize function will not be callable even once in the FollowNFT contract #133

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-07-lens/blob/main/contracts/FollowNFT.sol#L43-L56

Vulnerability details

Impact

Because the _initialized variable is set to true in the constructor of the FollowNFT contract in FollowNFT.sol, any call to function initialize(uint256 profileId) will revert, even though it should be successfully called once.

Tools Used

Manual review

Recommended Mitigation Steps

A simple solution would be to remove the "_initialized = true;" line from the constructor of the contract.

Assessed type

DoS

c4-pre-sort commented 1 year ago

141345 marked the issue as duplicate of #151

c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Invalid