Open hats-bug-reporter[bot] opened 6 months ago
Github username: @erictee2802
Twitter username: 0xEricTee
Submission hash (on-chain): 0xa49c48bd3ab8fa64f03ec6d56125c5ee14ad5034043da3c1f584ee617382e7cd
Severity: low
Description:
The Ownable contract can be upgraded to OpenZeppelin's Ownable2Step: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/access/Ownable2Step.sol
Ownable2Step provides added safety due to its securely designed two-step process.
For instance, in CatalystFactory.sol:
./CatalystFactory.sol:20:contract CatalystFactory is Ownable, ICatalystV1Factory {
Attack Scenario
If a wrong address is set, the owner cannot be recovered.
Attachments
NA
Use Ownable2Step from OpenZeppelin: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/access/Ownable2Step.sol
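The difference the report describes, as an added example that is not part of the original submission and is not OpenZeppelin's or Catalyst's code. Both contracts are simplified models written for illustration; `SingleStepOwned` and `TwoStepOwned` are hypothetical names, while `pendingOwner`, `acceptOwnership` and `OwnershipTransferStarted` mirror the names Ownable2Step uses.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Single-step transfer, the behaviour the report describes: a wrong
// `newOwner` takes effect immediately and the owner role is unreachable.
contract SingleStepOwned {
    address public owner = msg.sender;

    function transferOwnership(address newOwner) external {
        require(msg.sender == owner, "not owner");
        owner = newOwner;
    }
}

// Simplified model of the two-step pattern (illustration only, not the
// OpenZeppelin source): nomination and takeover are separate transactions.
contract TwoStepOwned {
    address public owner = msg.sender;
    address public pendingOwner;

    event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    // Step 1: only records the nominee. `owner` is unchanged, so a mistyped
    // address is corrected by calling this again with the right one.
    function transferOwnership(address newOwner) external {
        require(msg.sender == owner, "not owner");
        pendingOwner = newOwner;
        emit OwnershipTransferStarted(owner, newOwner);
    }

    // Step 2: the nominee must send a transaction itself, which proves the
    // address is controlled by someone before it gains owner rights.
    function acceptOwnership() external {
        require(msg.sender == pendingOwner, "not pending owner");
        address previous = owner;
        owner = msg.sender;
        delete pendingOwner;
        emit OwnershipTransferred(previous, msg.sender);
    }
}
```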
Intentional.
@reednaa any reasons behind?
It contains more code and the contracts are on the border of what can fit: forge compile --sizes