Closed sherlock-admin2 closed 8 months ago
2 comment(s) were left on this issue during the judging contest.
tsvetanovv commented:
Invalid. The function have access control
takarez commented:
invalid because {invalid: initalization is an admin job and considered trusted}
Anubis
medium
Contract Upgradeability and Initialization
Summary
As an Initializable contract, ensuring that the contract is properly initialized and preventing re-initialization is crucial for maintaining the contract's integrity.
Vulnerability Detail
If the initialization mechanism has flaws or if the contract can be re-initialized, it might lead to security issues like resetting critical state variables or changing the contract's behavior.
Impact
Improper initialization or re-initialization can lead to setting incorrect addresses for availBridge or other critical parameters, impacting the contract's behavior.
Code Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/MessageReceiver.sol#L25-L28
The __MessageReceiver_init function is intended to initialize the contract.
Tool used
Manual Review
Recommendation