TempleGold
TempleDAO
Foundry
25,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Use two step admin transfer method instead.

adeolu

Summary

implement two step transfer of daoExecutor admin rights to have a safer/fault proof method of transfering daoExecutor rights to another address.

Vulnerability Details

function setDaoExecutor(address _daoExecutor) external onlyDAOExecutor {
if (_daoExecutor == address(0)) { revert CommonEventsAndErrors.InvalidAddress(); }
daoExecutor = _daoExecutor; //@audit consider implemnting two step transfer of governance
emit DaoExecutorSet(_daoExecutor);
}

In a two step access transfer method, the current admin will propose a new admin and the new admin address will call another function to accept that role that was proposed on its behalf. This ensures that the proposed/new admin is a valid address which is controlled by the protocol and can make calls to the contract. This helps to further eliminate errors or mistakes that could happen in a single step transfer where one error/mistake may cause the role to be lost forever to a mistakenly set address

Recommendations

change the single step transfer method to a two step where

  • the current admin proposes a new admin address

  • the proposed admin address calls an "accept()" function in the contract to accept the admin priviledges.

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.