★ Public initialize() without initializer modifier

Jito's assessment for RD-F-022 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Anchor programs use #[account(init)] constraints enforced at the runtime level — an account can only be initialized once (discriminator + non-zero lamports rejects re-init). No initialize() vulnerability class exists on Solana. No such finding in any of the five published audit reports.

Sources #

Docs
Stakenet Cargo.toml — Anchor 0.31.1Anchor 0.31.1 account initialization model with discriminator-based re-init protectionretrieved 2026-04-29

Methodology #

Determine whether any implementation contract exposes `initialize(…)` without the OpenZeppelin `initializer` modifier or equivalent initialization lock.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol jito factor RD-F-022 score green collected_at 2026-04-29 15:50:23