Unauthorized Admin Transfer Vulnerability in `Adminable` Contract
Summary
The Adminable contract allows the current admin to transfer admin control to a new address through the transferAdmin function. This function is protected by the onlyAdmin modifier, restricting access to the current admin. However, if the admin's private key is compromised, an attacker could transfer admin control to themselves, leading to unauthorized access and potential exploitation of the protocol.
Vulnerability Details
Affected Function:
transferAdmin(address newAdmin)Access Control: Restricted to the current admin.
Risk: If an unauthorized party gains access to the admin's private key, they could execute this function and gain control over the entire protocol.
Impact
The vulnerability could lead to unauthorized control over the protocol, allowing an attacker to manipulate functionalities, steal funds, or disrupt service availability.
Tools Used
Manual Testing
Recommendations
The transferAdmin function incorporating a two-step transfer process. It adds a pendingAdmin variable, requiring the proposed admin to confirm the transfer by calling acceptAdmin.
Explanation:
The
ransferAdminfunction now only sets a pendingAdmin, allowing the proposed address to confirm by callingacceptAdmin.The
acceptAdminfunction ensures that only the pendingAdmin can finalize the transfer.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.