MultiSig Timelock

First Flight #55

Beginner FriendlyWallet

100 EXP

View all submissions

Previous Next

Submission Details

Impact: high

Likelihood: high

Lack of Two-Step Ownership Transfer

Author Revealed upon completion

Scope
src/MultiSigTimelock.sol: Ownable

Root + Impact

Description

Normal behavior: Ownable allows single-step transfer.
Issue: If ownership is transferred to an incorrect address (e.g., typo), control is lost permanently.

// Inherits Ownable from OpenZeppelin (standard version usually single-step)

contract MultiSigTimelock is Ownable ...

Risk

Likelihood:

Reason 1 // Human error during transfer
Reason 2 // Irreversible action

Impact:

Impact 1 // Permanent loss of admin control
Impact 2 // Inability to manage signers

Proof of Concept

Explanation: Call transferOwnership with a wrong address. The new owner is set immediately.

multiSigTimelock.transferOwnership(wrongAddress);

// Now original owner cannot call onlyOwner functions

Recommended Mitigation

Explanation: Use Ownable2Step from OpenZeppelin.

- import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

+ import {Ownable2Step} from "@openzeppelin/contracts/access/Ownable2Step.sol";

Status: Valid (Best Practice)

Rewards breakdown

nSLOC

205

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!