Ownable.sol does not utilize a two-step role transfer process for changing ownership. The transferOwnership function, which can only be invoked by the contract owner, is currently implemented as a single-step function.
Take a look at Ownable.sol#L19-L22
As seen, the function merely requires the current owner to specify the new owner's address, which is then immediately set as the new owner. This implementation does not thoroughly validate the specified address. For instance, it does not account for the possibility that the address receiving the ownership role could be inaccessible. The current implementation is also prone to typographical errors, which may unintentionally lead to the transfer of ownership to an incorrect address.
Manual Audit
Spearbit's Clober Report
Implement a two-step ownership transfer process. This process involves the current owner proposing a new owner first. This proposed change doesn't take effect immediately. Instead, the address that has been proposed as the new owner has to accept the role to finalize the transfer.
This approach adds an extra layer of validation and decreases the likelihood of erroneous transfers since the new owner must actively accept the ownership role. It also allows for the correction of a mistake in the case the current owner sets an incorrect address as the proposed new owner.
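A minimal sketch of the propose-then-accept pattern described above, added here as an illustration and not taken from the audited Ownable.sol or from the project's fix. The contract name, the pendingOwner variable, acceptOwnership, and the events and errors are assumptions chosen for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative only: all identifiers below are assumptions, not the project's code.
contract TwoStepOwnable {
    address public owner;
    address public pendingOwner;

    event OwnershipTransferStarted(address indexed currentOwner, address indexed proposedOwner);
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    error NotOwner();
    error NotPendingOwner();

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    constructor() {
        owner = msg.sender;
        emit OwnershipTransferred(address(0), msg.sender);
    }

    // Step 1: record the proposal only; `owner` is unchanged.
    // Calling again overwrites a mistaken proposal, and address(0) cancels it.
    function transferOwnership(address proposedOwner) external onlyOwner {
        pendingOwner = proposedOwner;
        emit OwnershipTransferStarted(owner, proposedOwner);
    }

    // Step 2: the proposed address shows it is reachable by sending this call itself.
    // A mistyped or inaccessible address can never pass this check, so the
    // current owner keeps control until a valid proposal is accepted.
    function acceptOwnership() external {
        if (msg.sender != pendingOwner) revert NotPendingOwner();
        address previousOwner = owner;
        owner = msg.sender;
        delete pendingOwner;
        emit OwnershipTransferred(previousOwner, msg.sender);
    }
}
```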
Modified Code: