★ Public initialize() without initializer modifier

OpenEden's assessment for RD-F-022 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

V5Impl constructor calls _disableInitializers() (confirmed via GitHub source). initialize(...) is declared external with the OpenZeppelin initializer modifier — confirmed via GitHub source and Etherscan ABI showing initialize function as nonpayable (standard OZ initializer pattern). USDO implementation (0x87e3ba) also uses initializer modifier on its initialize function. No unprotected initialize found on any inspected implementation contract.

Sources #

GitHub
OpenEdenVaultV5Impl.sol — GitHub SourceV5Impl: constructor() { _disableInitializers(); } and function initialize(...) external initializerretrieved 2026-05-16
Etherscan
USDO Implementation — Etherscan Verified SourceUSDO implementation 0x87e3ba — initialize function uses initializer modifier confirmedretrieved 2026-05-16

Methodology #

Determine whether any implementation contract exposes `initialize(…)` without the OpenZeppelin `initializer` modifier or equivalent initialization lock.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol openeden factor RD-F-022 score green collected_at 2026-05-16 10:11:45