The ConfidencePool contract inherits from OpenZeppelin's Ownable2Step, which includes a public renounceOwnership() function. Unlike the factory, the pool does not override this function. If the pool owner (the sponsor) accidentally or maliciously calls renounceOwnership(), the owner is set to address(0) and several critical functions become permanently inoperable.
Functions affected: setRecoveryAddress, setExpiry (while not yet expiryLocked), setPoolScope (while not yet scopeLocked), pause, and unpause.
Root cause:
@> ConfidencePool.sol:16-23
The contract inherits Ownable2Step but does not override renounceOwnership(). OZ's Ownable2Step exposes it as a public function callable by the owner.
Likelihood: Low
Requires the pool owner to call renounceOwnership() — this is a self-inflicted action.
Pool owners who manage recovery addresses and expiry settings are unlikely to accidentally trigger this, but there is no protection against human error.
Impact: Low (if triggered)
Pool owner permanently loses ability to: update recoveryAddress, extend expiry (if still mutable), update scope (if not yet locked), pause/unpause stake/bonus paths.
Existing stakes, bonus contributions, and resolution paths are unaffected — stake, withdraw, claim*, flagOutcome are all owner-independent.
Resolution and withdrawal paths are NOT gated by onlyOwner, so user funds remain accessible.
Override renounceOwnership to revert:
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.
The contest is complete and the rewards are being distributed.