TempleGold

TempleDAO
Foundry
25,000 USDC
Submission Details
Severity: low
Invalid

Use two step admin transfer method instead.

Summary

Implement a two-step transfer of daoExecutor admin rights to have a safer, fault-proof method of transferring daoExecutor rights to another address.

Vulnerability Details

    function setDaoExecutor(address _daoExecutor) external onlyDAOExecutor {
        if (_daoExecutor == address(0)) { revert CommonEventsAndErrors.InvalidAddress(); }
        daoExecutor = _daoExecutor; //@audit consider implementing two step transfer of governance
        emit DaoExecutorSet(_daoExecutor);
    }

In a two-step access transfer, the current admin proposes a new admin, and the new admin address then calls another function to accept the role that was proposed on its behalf. This ensures that the proposed admin is a valid address that is controlled by the protocol and can make calls to the contract. It helps to further eliminate errors that could happen in a single-step transfer, where one mistake may cause the role to be lost forever to a mistakenly set address.

Recommendations

Change the single-step transfer method to a two-step one, where:

  • the current admin proposes a new admin address

  • the proposed admin address calls an "accept()" function in the contract to accept the admin privileges.
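
One way to implement the two steps recommended above, as an added example that is not TempleDAO's code or part of the original submission. The names pendingDaoExecutor, proposeDaoExecutor, acceptDaoExecutor and DaoExecutorProposed are hypothetical, and the errors and the DaoExecutorSet event are declared locally as stand-ins for the project's own definitions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration: two-step handover of the daoExecutor role.
/// Everything except daoExecutor, onlyDAOExecutor and DaoExecutorSet
/// is a hypothetical name chosen for this example.
contract TwoStepDaoExecutor {
    address public daoExecutor;
    address public pendingDaoExecutor; // proposed, holds no rights yet

    event DaoExecutorProposed(address indexed current, address indexed proposed);
    event DaoExecutorSet(address daoExecutor); // local stand-in declaration

    error InvalidAddress(); // stand-in for CommonEventsAndErrors.InvalidAddress
    error InvalidAccess();  // assumed access error

    modifier onlyDAOExecutor() {
        if (msg.sender != daoExecutor) revert InvalidAccess();
        _;
    }

    constructor(address _daoExecutor) {
        if (_daoExecutor == address(0)) revert InvalidAddress();
        daoExecutor = _daoExecutor;
    }

    /// Step 1: the current executor nominates a successor. No rights move,
    /// so a mistyped address can be corrected by calling this again.
    function proposeDaoExecutor(address _daoExecutor) external onlyDAOExecutor {
        if (_daoExecutor == address(0)) revert InvalidAddress();
        pendingDaoExecutor = _daoExecutor;
        emit DaoExecutorProposed(daoExecutor, _daoExecutor);
    }

    /// Step 2: only the nominated address can complete the handover,
    /// which proves it is able to make calls to the contract.
    function acceptDaoExecutor() external {
        if (msg.sender != pendingDaoExecutor) revert InvalidAccess();
        daoExecutor = msg.sender;
        delete pendingDaoExecutor; // a stale nomination cannot be replayed
        emit DaoExecutorSet(msg.sender);
    }
}
```

Until acceptDaoExecutor succeeds, the previous executor keeps the role, so a proposal to an address that cannot call the contract leaves control where it was.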

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
