Can not change the ownership of the contract XDEFIDistribution

[code423n4]

Handle

MaCree

Vulnerability details

Impact

can not change the ownership of the contract XDEFIDistribution

Proof of Concept

no way to set the value of the public variable pendingOwner, so no one can really use function acceptOwnership() to accept the ownership.

Tools Used

code review

Recommended Mitigation Steps

Reference: openzeppelin-solidity/contracts/ownership/Claimable.sol

[deluca-mike]

This is invalid. pendingOwner = newOwner_ happens right here: https://github.com/XDeFi-tech/xdefi-distribution/blob/v1.0.0-beta.0/contracts/XDEFIDistribution.sol#L70 in proposeOwnership.

[Ivshti]

agreed, invalid finding