First Flight #10: One Shot
First Flight #10
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Single-step ownership change introduces risks in `Credibility`

0xtheblackpanther

Summary

The Credibility contract is currently using Ownable from OpenZeppelin, inheriting the default transferOwnership() function. This introduces a potential risk of unauthorized or accidental ownership transfers, which could compromise critical functions of the contract. The recommended solution is to implement a two-step ownership transfer mechanism using OpenZeppelin's Ownable2Step.sol.

Impact

The current vulnerability poses a risk of unauthorized ownership transfers, which could lead to compromise of critical functions ( e.g mint) within the Credibility contract. Implementing a two-step ownership transfer mechanism is crucial for mitigating this risk and enhancing the security of the contract.

Recommendations

Implement Two-Step Ownership Transfer

Integrate OpenZeppelin's Ownable2Step.sol into the Credibility contract to establish a two-step ownership transfer mechanism. This will enhance the security of the contract and reduce the risk of unauthorized ownership changes.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
0xtheblackpanther Submitter
over 1 year ago
inallhonesty Lead Judge
over 1 year ago
inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.