First Flight #12: Kitty Connect
First Flight #12: Kitty Connect
Beginner FriendlyFoundryNFTGameFi
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

Lack of a mechanism to transfer ownership and state variable `KittyConnect::i_kittyConnectOwner` declared as an immutable makes it impossible to transfer the ownership of `KittyConnect`

pacelli

Summary

One of the roles of the protocol is the owner of KittyConnect, this role is given the power to assign a new owner of the contract but this task is impossible to accomplish for two reasons:

  • KittyConnect::i_kittyConnectOwner is declared as an immutable state variable. immutable state variables are initialized during deployment and cannot be changed after

  • Lack of logic to transfer the ownership of KittyConnect. The contract does not provide any method to assign ownership to a new account

Impact

Ownership of the contract cannot be transferred.

Tools Used

Manual review

Recommendations

Consider the following mitigations:

  1. Do not declare the owner of KittyConnect as an immutable state variable

+ address private s_kittyConnectOwner;
- address private immutable i_kittyConnectOwner;

  1. Consider implementing the Ownable library from OpenZeppelin to manage ownership of the contract

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Owner can't transfer ownership as Contest Details say.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.