PausableUpgradable contract not initialized in the CoreOracle Contract.
Summary
The __Pausable_init() is not invoked in the CoreOracle smart contract. The CoreOracle Smart contract inherits from the PausableUpgradable contract but the PausableUpgradable is not initialized as recommended by openzeppelin.
Vulnerability Detail
The CoreOracle smart contract inherits from the PausableUpgradable smart contract but the __Pausable_init() is not invoked in the initialize function of the CoreOracle smart contract which will make it not initialize the PausableUpgradable smart contract as recommended by openzeppelin.
function initialize() external initializer {
__Ownable_init(); //@audit PausableUpgradable init function not called
}
kaysoft
medium
PausableUpgradable contract not initialized in the CoreOracle Contract.
Summary
The
__Pausable_init()is not invoked in the CoreOracle smart contract. The CoreOracle Smart contract inherits from the PausableUpgradable contract but the PausableUpgradable is not initialized as recommended by openzeppelin.Vulnerability Detail
The CoreOracle smart contract inherits from the PausableUpgradable smart contract but the
__Pausable_init()is not invoked in the initialize function of the CoreOracle smart contract which will make it not initialize the PausableUpgradable smart contract as recommended by openzeppelin.Reference: https://docs.openzeppelin.com/upgrades-plugins/1.x/writing-upgradeable
Impact
The Pausable Upgradable will not be initialized to the default state.
Code Snippet
https://github.com/sherlock-audit/2023-04-blueberry/blob/main/blueberry-core/contracts/oracle/CoreOracle.sol#L36-L38
Tool used
Manual Review
Recommendation
Ensure to invoke all the init functions of inherited upgradable smart contracts with the code below in the CoreOracle.sol file.