Single-step process for critical ownership transfer is risky
Severity
Medium Risk
Summary
A single-step process for critical ownership transfer is risky: a human error could lock all the functions that use the onlyOwner modifier.
Vulnerability Details
The custom contract Ownable.sol is inherited by Lender.sol, which gives it ownable functionality.
However, its implementation is currently not safe: the transfer is a 1-step process, which is risky because a human error is possible and such an error is unrecoverable. For example, an incorrect address, for which the private key is not known, could be passed accidentally.
Impact
Critical functions using the onlyOwner modifier will be locked.
Tools Used
Manual review
Recommendations
Implement the change of ownership in 2 steps:
(1) Approve a new address as a pendingOwner.
(2) A transaction from the pendingOwner address claims the pending ownership change.
This mitigates the risk because if an incorrect address is used in step (1) then it can be fixed by re-approving the correct address. Only after a correct address is used in step (1) can step (2) happen and complete the ownership change.