20,000 USDC
View results
Submission Details
Severity: medium
Valid

Lack of a double-step transferOwnership patter

Vulnerability Details

The current ownership transfer process for all the contracts inheriting from Ownable or OwnableUpgradeable involves the current owner calling the transferOwnership() function:

19: function transferOwnership(address _owner) public virtual onlyOwner {//@audit no 2step transfer
20: owner = _owner;
21: emit OwnershipTransferred(msg.sender, _owner);
22: }

Ownable.sol#L19-L22
In case the nominated EOA account is invalid, there is a significant possibility that the owner might unintentionally transfer ownership to an uncontrolled account. This can result in the loss of access to all functions associated with the onlyOwner modifier, presenting a potential risk.

Tools Used

VSCode

Recommendations

To mitigate this risk, it is advisable to adopt a two-step process. In this process, the owner nominates an account, and the nominated account must then execute an acceptOwnership() function to complete the ownership transfer successfully. This approach ensures that the nominated EOA account is both valid and active. To implement this, you can utilize OpenZeppelin's Ownable2Step contract as a replacement for Ownable.

52: function acceptOwnership() external {
53: address sender = _msgSender();
54: require(pendingOwner() == sender, "Ownable2Step: caller is not the new owner");
55: _transferOwnership(sender);
56: }

Ownable2Step.sol#L52-L56

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.