From 97ce423d848ab2ff222faefa5f1b7485037e91a4 Mon Sep 17 00:00:00 2001 From: Khimesh Dewangan Date: Sat, 11 Jul 2026 21:12:18 +0530 Subject: [PATCH] docs(ifeevault): add init guard docs to IFeeVault interface Documents initialization guard requirements for proxy pattern security. Closes #363. --- interfaces/L2/IFeeVault.sol | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/interfaces/L2/IFeeVault.sol b/interfaces/L2/IFeeVault.sol index ee6fdba41..0cbe3835c 100644 --- a/interfaces/L2/IFeeVault.sol +++ b/interfaces/L2/IFeeVault.sol @@ -4,6 +4,16 @@ pragma solidity ^0.8.0; import { IProxyAdminOwnedBase } from "interfaces/L1/IProxyAdminOwnedBase.sol"; import { Types } from "src/libraries/Types.sol"; +/// @title IFeeVault +/// @notice Interface for fee vault contracts using the upgradeable proxy pattern. +/// @dev Implementing contracts MUST include initialization guards to prevent +/// Uninitialized Proxy/Implementation Front-running attacks. Specifically: +/// - The implementation contract's constructor MUST call _disableInitializers() +/// (or equivalent) to prevent unauthorized initialization. +/// - The initialize() function MUST use an initializer modifier to ensure +/// it can only be called once. +/// - Access control (e.g., only ProxyAdmin or ProxyAdmin owner) SHOULD be +/// enforced on the initialize() function. interface IFeeVault is IProxyAdminOwnedBase { error InvalidInitialization(); error NotInitializing();