★ Reinitializable implementation (no _disableInitializers)
Dolomite's assessment for RD-F-143 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
DolomiteMargin core is immutable — F143 structurally N/A for core layer. Module proxy contracts use upgradeable pattern. OZ version 2.5.1 (data-cache) predates _disableInitializers() (introduced OZ 4.3.1, released 2022). Module implementations very likely lack this protection. Cannot confirm definitively without Slither run. Handoff to code-security-analyst required.
Sources #
- Partner feedData cache — OZ version 2.5.1data-cache github.oz_contracts_version=2.5.1 — far predates _disableInitializers() (OZ 4.3.1+)retrieved 2026-05-16
- Dolomite Core Proxy Contractsdocs.dolomite.io/smart-contract-addresses/core-proxies — module proxies (ExpiryProxy, DepositWithdrawalProxy, GenericTraderProxyV1, LiquidatorProxyV5, EventEmitterRegistryProxy)retrieved 2026-05-16
Methodology #
Determine whether the implementation contract does not call `_disableInitializers()` in its constructor, leaving re-initialization possible.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol dolomite factor RD-F-143 score yellow collected_at 2026-05-16 11:12:56