defirisk.co
rubric v1.7.0

Reinitializable implementation (no _disableInitializers)

OpenEden's assessment for RD-F-143 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary

The TBILL V5 implementation (0xc4545Bf80f) does call `_disableInitializers()` in its constructor, so it is protected. The USDO implementation (0x87e3Ba929c71c0e28fc1c817d107a888a59c523e) does not call `_disableInitializers()`: an attacker who gains access to the bare implementation can call `initialize(name, symbol, owner)` and grant themselves `DEFAULT_ADMIN_ROLE`. USDO is live with active TVL on Ethereum and Base. Rolled up as yellow: TBILL is protected (majority of TVL), USDO is not protected. [★ — yellow, not red, because the TBILL implementation is correct; the USDO implementation gap is a real but secondary risk]

Sources

Methodology

Determine whether the implementation contract omits the `_disableInitializers()` call in its constructor, leaving re-initialization possible.
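
An added example, not defirisk.co's or OpenEden's code: one way to run this check over Solidity source, assuming the implementation's flattened source is available as text. The three contracts are constructed samples and the function names are hypothetical.

```python
import re

# Constructed sample sources (not OpenEden's code).
PROTECTED = """
contract TokenA is Initializable {
    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor() { _disableInitializers(); }
    function initialize(string memory n, string memory s, address owner) public initializer {}
}
"""
UNPROTECTED = """
contract TokenB is Initializable {
    // constructor() { _disableInitializers(); }  <- commented out, must not count
    function initialize(string memory n, string memory s, address owner) public initializer {}
}
"""
CALL_ELSEWHERE = """
contract TokenC is Initializable {
    constructor() {}
    function lock() external { _disableInitializers(); }  // outside the constructor
}
"""

def strip_comments(src):
    """Remove /* */ and // comments so commented-out calls are ignored."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def constructor_bodies(src):
    """Yield the brace-balanced body of every constructor in the source."""
    for m in re.finditer(r"\bconstructor\s*\(", src):
        start = src.find("{", m.end())
        if start == -1:
            continue
        depth = 0
        for i in range(start, len(src)):
            depth += (src[i] == "{") - (src[i] == "}")
            if depth == 0:
                yield src[start + 1:i]
                break

def locks_initializers(src):
    """True if any constructor calls _disableInitializers()."""
    call = re.compile(r"\b_disableInitializers\s*\(\s*\)")
    return any(call.search(b) for b in constructor_bodies(strip_comments(src)))

if __name__ == "__main__":
    for name in ("PROTECTED", "UNPROTECTED", "CALL_ELSEWHERE"):
        print(name, "ok" if locks_initializers(globals()[name]) else "flag for review")
```

A call made in a parent contract's constructor is only seen if the parent's source is part of the scanned text, so run this on flattened source and treat a negative result as a prompt for manual review.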


rubric_version: v1.7.0 | protocol: openeden | factor: RD-F-143 | score: yellow | collected_at: 2026-05-16 10:11:45