Nouns DAO - Kaysoft's results

[L-01] Use latest stable version of Solidity

The file used 0.8.6. Consider using at least version 0.8.19 solidity pragma version because newer versions have bug fixes and security updates.

Files: https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/NounsDAOExecutor.sol#L31

[L-02] UUPSUpgradeable not initialized in the initialize function of NounsDAOExecutorV2.sol

The __UUPSUpgradeable_init() initialize function of the UUPSUpgradeable contract that is inherited by NounsDAOExecutorV2.sol is not invoked in the initialize function.

File: https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/NounsDAOExecutorV2.sol#L95

Recomended Mitigation Steps

Invoke the __UUPSUpgradeable_init() in the initialize function of NounsDAOExecutorV2.sol

[L-03] Remove commented code

The NounsDAOExecutorV2 contract contain commented code

File: https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/NounsDAOExecutorV2.sol#L240

Recommended Mitigation Steps

Consider removing the commented code

[L-04] ERC721CheckpointableUpgradeable not initialized in the NounsTokenFork.sol contract.

The NounsTokenFork inherits from the ERC721CheckpointableUpgradeable but the init function is not invoked.

File: https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/fork/newdao/token/NounsTokenFork.sol#L129

Recommended Mitigation Steps

Consider invoking the initialize function of ERC721CheckpointableUpgradeable in the initialize function of NounsTokenFork.sol.