feat: upgrade proxies validation, natspec reformat for UUPSProxiable and UUPSProxy

jaybuidl · jaybuidl · commit 87f9d08f7e31 · 2025-01-22T00:01:37.000Z
diff --git a/contracts/package.json b/contracts/package.json
@@ -27,6 +27,7 @@
     "start-local": "hardhat node --tags Arbitration,HomeArbitrable --hostname 0.0.0.0",
     "deploy": "hardhat deploy",
     "deploy-local": "hardhat deploy --tags Arbitration,HomeArbitrable --network localhost",
+    "validate-upgrades": "openzeppelin-upgrades-core validate --exclude 'src/proxy/mock/**/*.sol' --exclude 'src/test/**/*.sol' artifacts/build-info",
     "simulate": "hardhat simulate:all",
     "simulate-local": "hardhat simulate:all --network localhost",
     "viem:generate-devnet": "NODE_NO_WARNINGS=1 wagmi generate -c wagmi.config.devnet.ts",
@@ -69,6 +70,7 @@
     "@nomicfoundation/hardhat-chai-matchers": "^2.0.8",
     "@nomicfoundation/hardhat-ethers": "^3.0.8",
     "@nomiclabs/hardhat-solhint": "^4.0.1",
+    "@openzeppelin/upgrades-core": "^1.41.0",
     "@typechain/ethers-v6": "^0.5.1",
     "@typechain/hardhat": "^9.1.0",
     "@types/chai": "^4.3.20",
@@ -80,23 +82,23 @@
     "dotenv": "^16.4.5",
     "eslint": "^9.15.0",
     "ethereumjs-util": "^7.1.5",
-    "ethers": "^6.13.4",
+    "ethers": "^6.13.5",
     "graphql": "^16.9.0",
     "graphql-request": "^7.1.2",
-    "hardhat": "2.22.16",
+    "hardhat": "2.22.18",
     "hardhat-contract-sizer": "^2.10.0",
     "hardhat-deploy": "^0.14.0",
     "hardhat-deploy-ethers": "^0.4.2",
-    "hardhat-deploy-tenderly": "^0.2.0",
+    "hardhat-deploy-tenderly": "^0.2.1",
     "hardhat-docgen": "^1.3.0",
-    "hardhat-gas-reporter": "^2.2.1",
+    "hardhat-gas-reporter": "^2.2.2",
     "hardhat-tracer": "^3.1.0",
     "hardhat-watcher": "^2.5.0",
     "node-fetch": "^3.3.2",
     "pino": "^8.21.0",
     "pino-pretty": "^10.3.1",
     "prettier": "^3.3.3",
-    "prettier-plugin-solidity": "^1.4.1",
+    "prettier-plugin-solidity": "^1.4.2",
     "shelljs": "^0.8.5",
     "solhint-plugin-prettier": "^0.1.0",
     "solidity-coverage": "^0.8.13",
@@ -107,7 +109,7 @@
   "dependencies": {
     "@chainlink/contracts": "^1.3.0",
     "@kleros/vea-contracts": "^0.4.0",
-    "@openzeppelin/contracts": "^5.1.0",
+    "@openzeppelin/contracts": "^5.2.0",
     "viem": "^2.21.48"
   }
 }
diff --git a/contracts/src/arbitration/DisputeTemplateRegistry.sol b/contracts/src/arbitration/DisputeTemplateRegistry.sol
@@ -33,7 +33,7 @@ contract DisputeTemplateRegistry is IDisputeTemplateRegistry, UUPSProxiable, Ini
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/KlerosCore.sol b/contracts/src/arbitration/KlerosCore.sol
@@ -20,7 +20,7 @@ contract KlerosCore is KlerosCoreBase {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/KlerosCoreNeo.sol b/contracts/src/arbitration/KlerosCoreNeo.sol
@@ -28,7 +28,7 @@ contract KlerosCoreNeo is KlerosCoreBase {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/PolicyRegistry.sol b/contracts/src/arbitration/PolicyRegistry.sol
@@ -40,7 +40,7 @@ contract PolicyRegistry is UUPSProxiable, Initializable {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/SortitionModule.sol b/contracts/src/arbitration/SortitionModule.sol
@@ -21,7 +21,7 @@ contract SortitionModule is SortitionModuleBase {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/SortitionModuleNeo.sol b/contracts/src/arbitration/SortitionModuleNeo.sol
@@ -29,7 +29,7 @@ contract SortitionModuleNeo is SortitionModuleBase {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/devtools/KlerosCoreRuler.sol b/contracts/src/arbitration/devtools/KlerosCoreRuler.sol
@@ -166,7 +166,7 @@ contract KlerosCoreRuler is IArbitratorV2, UUPSProxiable, Initializable {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/dispute-kits/DisputeKitClassic.sol b/contracts/src/arbitration/dispute-kits/DisputeKitClassic.sol
@@ -23,7 +23,7 @@ contract DisputeKitClassic is DisputeKitClassicBase {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/dispute-kits/DisputeKitGated.sol b/contracts/src/arbitration/dispute-kits/DisputeKitGated.sol
@@ -46,7 +46,7 @@ contract DisputeKitGated is DisputeKitClassicBase {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/dispute-kits/DisputeKitSybilResistant.sol b/contracts/src/arbitration/dispute-kits/DisputeKitSybilResistant.sol
@@ -36,7 +36,7 @@ contract DisputeKitSybilResistant is DisputeKitClassicBase {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/evidence/EvidenceModule.sol b/contracts/src/arbitration/evidence/EvidenceModule.sol
@@ -37,7 +37,7 @@ contract EvidenceModule is IEvidence, Initializable, UUPSProxiable {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/university/KlerosCoreUniversity.sol b/contracts/src/arbitration/university/KlerosCoreUniversity.sol
@@ -182,7 +182,7 @@ contract KlerosCoreUniversity is IArbitratorV2, UUPSProxiable, Initializable {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/arbitration/university/SortitionModuleUniversity.sol b/contracts/src/arbitration/university/SortitionModuleUniversity.sol
@@ -68,7 +68,7 @@ contract SortitionModuleUniversity is ISortitionModuleUniversity, UUPSProxiable,
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/gateway/ForeignGateway.sol b/contracts/src/gateway/ForeignGateway.sol
@@ -73,7 +73,7 @@ contract ForeignGateway is IForeignGateway, UUPSProxiable, Initializable {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/gateway/HomeGateway.sol b/contracts/src/gateway/HomeGateway.sol
@@ -59,7 +59,7 @@ contract HomeGateway is IHomeGateway, UUPSProxiable, Initializable {
     // *            Constructor            * //
     // ************************************* //
 
-    /// @dev Constructor, initializing the implementation to reduce attack surface.
+    /// @custom:oz-upgrades-unsafe-allow constructor
     constructor() {
         _disableInitializers();
     }
diff --git a/contracts/src/kleros-v1/kleros-liquid-xdai/xKlerosLiquidV2.sol b/contracts/src/kleros-v1/kleros-liquid-xdai/xKlerosLiquidV2.sol
@@ -16,6 +16,7 @@ import "../../gateway/interfaces/IForeignGateway.sol";
 /// @dev This contract is an adaption of Mainnet's KlerosLiquid (https://github.com/kleros/kleros/blob/69cfbfb2128c29f1625b3a99a3183540772fda08/contracts/kleros/KlerosLiquid.sol)
 /// for xDai chain. Notice that variables referring to ETH values in this contract, will hold the native token values of the chain on which xKlerosLiquid is deployed.
 /// When this contract gets deployed on xDai chain, ETH variables will hold xDai values.
+/// @custom:oz-upgrades-unsafe-allow external-library-linking
 contract xKlerosLiquidV2 is Initializable, ITokenController, IArbitratorV2 {
     // ************************************* //
     // *         Enums / Structs           * //
diff --git a/contracts/src/proxy/UUPSProxiable.sol b/contracts/src/proxy/UUPSProxiable.sol
@@ -1,56 +1,41 @@
 //SPDX-License-Identifier: MIT
-// Adapted from <https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.0/contracts/proxy/utils/UUPSUpgradeable.sol>
-
-/**
- *  @authors: [@malatrax]
- *  @reviewers: []
- *  @auditors: []
- *  @bounties: []
- *  @deployments: []
- */
+
 pragma solidity 0.8.24;
 
-/**
- * @title UUPS Proxiable
- * @author Simon Malatrait <simon.malatrait@grenoble-inp.org>
- * @dev This contract implements an upgradeability mechanism designed for UUPS proxies.
- * The functions included here can perform an upgrade of an UUPS Proxy, when this contract is set as the implementation behind such a proxy.
- *
- * IMPORTANT: A UUPS proxy requires its upgradeability functions to be in the implementation as opposed to the transparent proxy.
- * This means that if the proxy is upgraded to an implementation that does not support this interface, it will no longer be upgradeable.
- *
- * A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
- * reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
- * `UUPSProxiable` with a custom implementation of upgrades.
- *
- * The `_authorizeUpgrade` function must be overridden to include access restriction to the upgrade mechanism.
- */
+/// @title UUPS Proxiable
+/// @author Simon Malatrait <simon.malatrait@grenoble-inp.org>
+/// @dev This contract implements an upgradeability mechanism designed for UUPS proxies.
+/// @dev Adapted from <https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.0/contracts/proxy/utils/UUPSUpgradeable.sol>
+/// The functions included here can perform an upgrade of an UUPS Proxy, when this contract is set as the implementation behind such a proxy.
+///
+/// IMPORTANT: A UUPS proxy requires its upgradeability functions to be in the implementation as opposed to the transparent proxy.
+/// This means that if the proxy is upgraded to an implementation that does not support this interface, it will no longer be upgradeable.
+///
+/// A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
+/// reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
+/// `UUPSProxiable` with a custom implementation of upgrades.
+///
+/// The `_authorizeUpgrade` function must be overridden to include access restriction to the upgrade mechanism.
 abstract contract UUPSProxiable {
     // ************************************* //
     // *             Event                 * //
     // ************************************* //
 
-    /**
-     * Emitted when the `implementation` has been successfully upgraded.
-     * @param newImplementation Address of the new implementation the proxy is now forwarding calls to.
-     */
+    /// @dev Emitted when the `implementation` has been successfully upgraded.
+    /// @param newImplementation Address of the new implementation the proxy is now forwarding calls to.
     event Upgraded(address indexed newImplementation);
 
     // ************************************* //
     // *             Error                 * //
     // ************************************* //
 
-    /**
-     * @dev The call is from an unauthorized context.
-     */
+    /// @dev The call is from an unauthorized context.
     error UUPSUnauthorizedCallContext();
 
-    /**
-     * @dev The storage `slot` is unsupported as a UUID.
-     */
+    /// @dev The storage `slot` is unsupported as a UUID.
     error UUPSUnsupportedProxiableUUID(bytes32 slot);
 
-    /// The `implementation` is not UUPS-compliant
+    /// @dev The `implementation` is not UUPS-compliant
     error InvalidImplementation(address implementation);
 
     /// Failed Delegated call
@@ -60,48 +45,40 @@ abstract contract UUPSProxiable {
     // *             Storage               * //
     // ************************************* //
 
-    /**
-     * @dev Storage slot with the address of the current implementation.
-     * This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
-     * validated in the constructor.
-     * NOTE: bytes32(uint256(keccak256('eip1967.proxy.implementation')) - 1)
-     */
+    /// @dev Storage slot with the address of the current implementation.
+    /// @dev This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
+    /// @dev validated in the constructor.
+    /// @dev NOTE: bytes32(uint256(keccak256('eip1967.proxy.implementation')) - 1)
     bytes32 private constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
 
-    /**
-     * @dev Storage variable of the proxiable contract address.
-     * It is used to check whether or not the current call is from the proxy.
-     */
+    /// @dev Storage variable of the proxiable contract address.
+    /// @dev It is used to check whether or not the current call is from the proxy.
+    /// @custom:oz-upgrades-unsafe-allow state-variable-immutable
     address private immutable __self = address(this);
 
     // ************************************* //
     // *             Governance            * //
     // ************************************* //
 
-    /**
-     * @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract.
-     * @dev Called by {upgradeToAndCall}.
-     */
+    /// @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract.
+    /// @dev Called by {upgradeToAndCall}.
     function _authorizeUpgrade(address newImplementation) internal virtual;
 
     // ************************************* //
     // *         State Modifiers           * //
     // ************************************* //
 
-    /**
-     * @dev Upgrade mechanism including access control and UUPS-compliance.
-     * @param newImplementation Address of the new implementation contract.
-     * @param data Data used in a delegate call to `newImplementation` if non-empty. This will typically be an encoded
-     * function call, and allows initializing the storage of the proxy like a Solidity constructor.
-     *
-     * @dev Reverts if the execution is not performed via delegatecall or the execution
-     * context is not of a proxy with an ERC1967-compliant implementation pointing to self.
-     */
+    /// @dev Upgrade mechanism including access control and UUPS-compliance.
+    /// @param newImplementation Address of the new implementation contract.
+    /// @param data Data used in a delegate call to `newImplementation` if non-empty. This will typically be an encoded
+    /// function call, and allows initializing the storage of the proxy like a Solidity constructor.
+    /// @dev Reverts if the execution is not performed via delegatecall or the execution
+    /// context is not of a proxy with an ERC1967-compliant implementation pointing to self.
     function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual {
         _authorizeUpgrade(newImplementation);
 
-        /* Check that the execution is being performed through a delegatecall call and that the execution context is
-        a proxy contract with an implementation (as defined in ERC1967) pointing to self. */
+        // Check that the execution is being performed through a delegatecall call and that the execution context is
+        // a proxy contract with an implementation (as defined in ERC1967) pointing to self.
         if (address(this) == __self || _getImplementation() != __self) {
             revert UUPSUnauthorizedCallContext();
         }
@@ -118,6 +95,7 @@ abstract contract UUPSProxiable {
 
             if (data.length != 0) {
                 // The return data is not checked (checking, in case of success, that the newImplementation code is non-empty if the return data is empty) because the authorized callee is trusted.
+                /// @custom:oz-upgrades-unsafe-allow delegatecall
                 (bool success, ) = newImplementation.delegatecall(data);
                 if (!success) {
                     revert FailedDelegateCall();
@@ -132,14 +110,12 @@ abstract contract UUPSProxiable {
     // *           Public Views            * //
     // ************************************* //
 
-    /**
-     * @dev Implementation of the ERC1822 `proxiableUUID` function. This returns the storage slot used by the
-     * implementation. It is used to validate the implementation's compatibility when performing an upgrade.
-     *
-     * IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
-     * bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
-     * function revert if invoked through a proxy. This is guaranteed by the if statement.
-     */
+    /// @dev Implementation of the ERC1822 `proxiableUUID` function. This returns the storage slot used by the
+    /// implementation. It is used to validate the implementation's compatibility when performing an upgrade.
+    ///
+    /// IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
+    /// bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
+    /// function revert if invoked through a proxy. This is guaranteed by the if statement.
     function proxiableUUID() external view virtual returns (bytes32) {
         if (address(this) != __self) {
             // Must not be called through delegatecall
@@ -148,10 +124,8 @@ abstract contract UUPSProxiable {
         return IMPLEMENTATION_SLOT;
     }
 
-    /**
-     * @notice Returns the version of the contract.
-     * @return Version string.
-     */
+    /// @dev Returns the version of the implementation.
+    /// @return Version string.
     function version() external view virtual returns (string memory);
 
     // ************************************* //
diff --git a/contracts/src/proxy/UUPSProxy.sol b/contracts/src/proxy/UUPSProxy.sol
diff --git a/yarn.lock b/yarn.lock

Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ contract DisputeTemplateRegistry is IDisputeTemplateRegistry, UUPSProxiable, Ini`
`33`	`33`	`// * Constructor * //`
`34`	`34`	`// ************************************* //`
`35`	`35`
`36`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`36`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`37`	`37`	`constructor() {`
`38`	`38`	`_disableInitializers();`
`39`	`39`	`}`
Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ contract KlerosCore is KlerosCoreBase {`
`20`	`20`	`// * Constructor * //`
`21`	`21`	`// ************************************* //`
`22`	`22`
`23`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`23`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`24`	`24`	`constructor() {`
`25`	`25`	`_disableInitializers();`
`26`	`26`	`}`
Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ contract KlerosCoreNeo is KlerosCoreBase {`
`28`	`28`	`// * Constructor * //`
`29`	`29`	`// ************************************* //`
`30`	`30`
`31`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`31`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`32`	`32`	`constructor() {`
`33`	`33`	`_disableInitializers();`
`34`	`34`	`}`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ contract PolicyRegistry is UUPSProxiable, Initializable {`
`40`	`40`	`// * Constructor * //`
`41`	`41`	`// ************************************* //`
`42`	`42`
`43`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`43`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`44`	`44`	`constructor() {`
`45`	`45`	`_disableInitializers();`
`46`	`46`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,7 @@ contract SortitionModule is SortitionModuleBase {`
`21`	`21`	`// * Constructor * //`
`22`	`22`	`// ************************************* //`
`23`	`23`
`24`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`24`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`25`	`25`	`constructor() {`
`26`	`26`	`_disableInitializers();`
`27`	`27`	`}`
Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,7 @@ contract SortitionModuleNeo is SortitionModuleBase {`
`29`	`29`	`// * Constructor * //`
`30`	`30`	`// ************************************* //`
`31`	`31`
`32`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`32`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`33`	`33`	`constructor() {`
`34`	`34`	`_disableInitializers();`
`35`	`35`	`}`
Original file line number	Diff line number	Diff line change
`@@ -166,7 +166,7 @@ contract KlerosCoreRuler is IArbitratorV2, UUPSProxiable, Initializable {`
`166`	`166`	`// * Constructor * //`
`167`	`167`	`// ************************************* //`
`168`	`168`
`169`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`169`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`170`	`170`	`constructor() {`
`171`	`171`	`_disableInitializers();`
`172`	`172`	`}`
Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ contract DisputeKitClassic is DisputeKitClassicBase {`
`23`	`23`	`// * Constructor * //`
`24`	`24`	`// ************************************* //`
`25`	`25`
`26`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`26`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`27`	`27`	`constructor() {`
`28`	`28`	`_disableInitializers();`
`29`	`29`	`}`
Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ contract DisputeKitGated is DisputeKitClassicBase {`
`46`	`46`	`// * Constructor * //`
`47`	`47`	`// ************************************* //`
`48`	`48`
`49`		`- /// @dev Constructor, initializing the implementation to reduce attack surface.`
	`49`	`+ /// @custom:oz-upgrades-unsafe-allow constructor`
`50`	`50`	`constructor() {`
`51`	`51`	`_disableInitializers();`
`52`	`52`	`}`