Non-Compliance with ERC-20 Standard

[hats-bug-reporter[bot]]

Github username: -- Twitter username: -- Submission hash (on-chain): 0xf70246df1a34fe4856e09a5d1e00bcc1a79e197d0b0e4915c7c28164bcc219a9 Severity: medium

Description: Description\ The IERC20 interface defined in the contracts/Minter.sol file includes a transferOwnership function, which is not part of the ERC-20 standard. The ERC-20 standard specifies a strict set of functions and events that must be implemented, and transferOwnership is not one of them.Including this function makes the contract non-complaint with erc20 standard

// ERC20 interface
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function approve(address spender, uint256 amount) external returns (bool);
    function mint(address to, uint256 amount) external;  
    function burn(uint256 amount) external; 
    function transferOwnership(address newOwner) external;//@audit
}

Attack Scenario\

Attachments

1. Proof of Concept (PoC) File

https://github.com/hats-finance/Accumulated-finance-0x75278bcc0fa7c9e3af98654bce195eaf3bb6a784/blob/fea3cdcd7693e95c7ddcfa4c79df9b5fa715aafc/contracts/Minter.sol#L5

Non-Compliance with ERC-20 Standard: Including non-standard functions in the IERC20 interface makes the contract non-compliant with the ERC-20 standard. This can lead to compatibility issues with wallets, exchanges, and other tools that expect a standard ERC-20 interface.

• Mixing ownership management functions with token functions can introduce security risks. Ownership management should be handled separately to ensure clear and secure access control.

2. Revised Code File (Optional)

• Remove the transferOwnership function from the IERC20 interface and use a separate Ownable contract for ownership management.

[ilzheev]

I would not comment this 😅