The audit has identified a vulnerability in the ownership transfer mechanism of the LiquidationPoolManager and SmartVaultIndex contracts. Both rely on a single-step transfer, which risks permanent loss of ownership or admin rights.
The root cause is the single-step ownership transfer implemented in OwnableUpgradeable.sol. This affects every method marked onlyOwner throughout the protocol, including critical core functionality.
The impact is significant: with a single-step transfer, passing an incorrect address (a typo, a wrong network's address, or an account nobody controls) makes ownership or admin rights irreversibly lost in one transaction, with no way to recover. This would leave core protocol features without an administrator and could compromise their integrity and functionality.
Manual Review
To address this vulnerability, it is strongly recommended to adopt a two-step ownership transfer pattern: the current owner nominates a new owner, which places the transfer in a "pending" state, and the nominee must then claim the rights from the nominated address. A transfer to a mistyped or inaccessible address therefore never completes and can simply be overridden by a later nomination. The use of OpenZeppelin's Ownable2Step contract is suggested for a more secure ownership transfer process.
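The following is an added illustration, not code from the audited protocol or from OpenZeppelin. The first contract shows the single-step pattern that the finding describes; the second implements the recommended two-step pattern with the same `transferOwnership` / `acceptOwnership` / `pendingOwner` interface that OpenZeppelin's Ownable2Step exposes (for the protocol's upgradeable contracts the equivalent is Ownable2StepUpgradeable). The `setFee` function and the contract names are assumptions chosen only to show an onlyOwner method that would be lost.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative single-step transfer (the vulnerable shape).
/// A wrong `newOwner` takes effect immediately and cannot be undone.
contract SingleStepOwnable {
    address public owner;
    uint256 public fee; // hypothetical admin-controlled parameter

    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // If `newOwner` is mistyped, belongs to another chain, or is an account
    // nobody controls, every onlyOwner function below is unreachable forever.
    function transferOwnership(address newOwner) external onlyOwner {
        require(newOwner != address(0), "zero owner");
        emit OwnershipTransferred(owner, newOwner);
        owner = newOwner;
    }

    function setFee(uint256 newFee) external onlyOwner {
        fee = newFee;
    }
}

/// Two-step transfer (the recommended shape, mirroring Ownable2Step).
/// Nomination only records a pending owner; rights move when the nominee
/// proves control of the address by calling acceptOwnership().
contract TwoStepOwnable {
    address public owner;
    address public pendingOwner;
    uint256 public fee; // hypothetical admin-controlled parameter

    event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // Step 1: the current owner nominates. Nothing changes for onlyOwner
    // methods yet, so a mistaken address is harmless and can be replaced
    // by calling transferOwnership again (address(0) cancels the nomination).
    function transferOwnership(address newOwner) external onlyOwner {
        pendingOwner = newOwner;
        emit OwnershipTransferStarted(owner, newOwner);
    }

    // Step 2: only the nominated address can complete the transfer, which
    // proves that someone actually controls the key for that address.
    function acceptOwnership() external {
        require(msg.sender == pendingOwner, "not pending owner");
        emit OwnershipTransferred(owner, msg.sender);
        owner = msg.sender;
        delete pendingOwner;
    }

    function setFee(uint256 newFee) external onlyOwner {
        fee = newFee;
    }
}
```

When reviewing a fix, check that `transferOwnership` no longer writes `owner` directly, that `acceptOwnership` is the only path that does, and that the pending slot is cleared on acceptance so a stale nomination cannot be claimed later. For contracts behind a proxy, also confirm the storage layout change introduced by the new `pendingOwner` slot is accounted for in the upgrade.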