A critical vulnerability has been identified in the contract’s ownership transfer mechanism. This vulnerability allows the ownership of the contract to be transferred to an unintended address or taken over by an attacker in a single transaction, bypassing the usual checks and balances that would typically prevent unauthorized ownership changes.
The vulnerability arises when the contract allows the transfer of ownership in a single step without requiring confirmation or additional security measures.
Typically, secure ownership transfer mechanisms involve a two-step process:
1. The current owner initiates the transfer by specifying a new owner.
2. The new owner must then accept the transfer.
In a one-step ownable contract, the ownership transfer occurs immediately, which can be exploited in the following ways:
- The owner might accidentally transfer ownership to the wrong address due to a typo or an incorrect parameter.
- If an attacker gains control of the account used to initiate the transfer, they can instantly transfer ownership to themselves or a malicious contract without needing further confirmation from the original owner.
Impact:
- Complete loss of control
- Funds and data at risk
- Action is irreversible
Tools used: Manual review
Recommendation: Use OpenZeppelin's Ownable2Step to manage contract ownership.
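To make the difference concrete, here is an added example (not code from the audited contract or from OpenZeppelin) showing a minimal one-step transfer beside a minimal two-step transfer of the kind Ownable2Step implements; contract and event names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// One-step transfer: a typo in `newOwner` or a compromised owner key
// moves control immediately and irreversibly within the same transaction.
contract OneStepOwnable {
    address public owner;
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }
    constructor() { owner = msg.sender; }

    function transferOwnership(address newOwner) external onlyOwner {
        require(newOwner != address(0), "zero address");
        emit OwnershipTransferred(owner, newOwner);
        owner = newOwner; // takes effect right here; nothing can undo it
    }
}

// Two-step transfer: the current owner only nominates. Nothing changes
// until the nominee proves control of that address by calling
// acceptOwnership(). A mistyped address never accepts, and the owner
// can overwrite the pending nomination (or set it to address(0)) meanwhile.
contract TwoStepOwnable {
    address public owner;
    address public pendingOwner;
    event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }
    constructor() { owner = msg.sender; }

    function transferOwnership(address newOwner) external onlyOwner {
        pendingOwner = newOwner; // only a nomination, owner is unchanged
        emit OwnershipTransferStarted(owner, newOwner);
    }

    function acceptOwnership() external {
        require(msg.sender == pendingOwner, "not pending owner");
        emit OwnershipTransferred(owner, msg.sender);
        owner = msg.sender;  // control moves only once the nominee acts
        delete pendingOwner;
    }
}
```

In practice, inherit `Ownable2Step` from OpenZeppelin rather than hand-rolling the pattern; the contract above only illustrates why the second step closes the failure modes listed in this finding.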