bareli - cannot Initialize with owners once Initialize auction parameters

[sherlock-admin4]

bareli

medium

cannot Initialize with owners once Initialize auction parameters

Summary

we cannot Initialize the 'Initialize auction parameters with the owner ' if we have already called the first initializeAuction function as both are using the same '_isInitialized';

Vulnerability Detail

@> function initializeAuction( address repossessor, address initialBidder, uint256 initialPeriodStartTime, uint256 initialPeriodStartTimeOffset, uint256 startingBid, uint256 auctionLengthSeconds, uint256 minBidIncrement, uint256 bidExtensionWindowLengthSeconds, uint256 bidExtensionSeconds_ ) external { require( @> !_isInitialized(), 'EnglishPeriodicAuctionFacet: already initialized' );

    _setSupportsInterface(type(IPeriodicAuctionReadable).interfaceId, true);
    _initializeAuction(
        repossessor_,
        initialBidder_,
        initialPeriodStartTime_,
        initialPeriodStartTimeOffset_,
        startingBid_,
        auctionLengthSeconds_,
        minBidIncrement_,
        bidExtensionWindowLengthSeconds_,
        bidExtensionSeconds_
    );
}

/**
 * @notice Initialize auction parameters with owner
 */

@> function initializeAuction( address owner, address repossessor, address initialBidder, uint256 initialPeriodStartTime, uint256 initialPeriodStartTimeOffset, uint256 startingBid, uint256 auctionLengthSeconds, uint256 minBidIncrement, uint256 bidExtensionWindowLengthSeconds, uint256 bidExtensionSeconds ) external { require( @> !_isInitialized(), 'EnglishPeriodicAuctionFacet: already initialized' );

    _setSupportsInterface(type(IPeriodicAuctionReadable).interfaceId, true);
    _setSupportsInterface(type(IPeriodicAuctionWritable).interfaceId, true);
    _grantRole(COMPONENT_ROLE, owner_);
    _initializeAuction(
        repossessor_,
        initialBidder_,
        initialPeriodStartTime_,
        initialPeriodStartTimeOffset_,
        startingBid_,
        auctionLengthSeconds_,
        minBidIncrement_,
        bidExtensionWindowLengthSeconds_,
        bidExtensionSeconds_
    );
}

Impact

we cannot use both initialize function at the same time.

Code Snippet

https://github.com/sherlock-audit/2024-02-radicalxchange/blob/main/pco-art/contracts/auction/facets/EnglishPeriodicAuctionFacet.sol#L28

Tool used

Manual Review

Recommendation

use different _isInitialized variable for both for better handling.