Github username: @burhankhaja
Twitter username: imaybeghost
Submission hash (on-chain): 0xa0c2a9ddb0677cdf65485f6515a47b49f230714caa5479d001061162b7a3d80a
Severity: low

Description: `team` is an important privileged role in VotingEscrowUpgradeableV1_2, and many team-related functions are only callable by this role.

Throughout the contract, it is only updated via two functions:

```solidity
function setTeam(address _team) external {
    _checkOnlyTeamAccess();
    team = _team;
}
```

Since `setTeam` is only callable by the current `team` role, the role can be taken over (or permanently lost) if a wrong address is passed when calling this function: the mistaken address immediately becomes `team`, and the previous holder can no longer correct it.

Recommendation
Consider implementing a two-step transfer of the `team` role, as OpenZeppelin's two-step ownership transfer does: the privileged role is not handed directly to the new address; instead, the nominated address must claim the role before it takes effect.
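An added illustration of the recommended pattern (example code, not the project's own contract): `setTeam` only nominates a successor, and the role moves only when that address calls `acceptTeam`. The names `pendingTeam`, `acceptTeam`, the events and the custom errors are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example, modelled on OpenZeppelin's Ownable2Step; not the
/// VotingEscrowUpgradeableV1_2 code. `pendingTeam`, `acceptTeam`,
/// the events and errors below are illustrative assumptions.
contract TeamRoleTwoStep {
    address public team;
    address public pendingTeam;

    event TeamTransferStarted(address indexed previousTeam, address indexed newTeam);
    event TeamTransferred(address indexed previousTeam, address indexed newTeam);

    error OnlyTeam();
    error OnlyPendingTeam();
    error ZeroAddress();

    constructor(address initialTeam) {
        if (initialTeam == address(0)) revert ZeroAddress();
        team = initialTeam;
    }

    function _checkOnlyTeamAccess() internal view {
        if (msg.sender != team) revert OnlyTeam();
    }

    /// Step 1: the current team nominates a successor. `team` itself does
    /// not change, so a mistyped address cannot lock the role: the current
    /// team can overwrite the nomination, or cancel it with address(0).
    function setTeam(address _team) external {
        _checkOnlyTeamAccess();
        pendingTeam = _team;
        emit TeamTransferStarted(team, _team);
    }

    /// Step 2: only the nominated address can claim the role, which proves
    /// it is a live, controllable account before any privilege moves.
    function acceptTeam() external {
        if (msg.sender != pendingTeam) revert OnlyPendingTeam();
        emit TeamTransferred(team, msg.sender);
        team = msg.sender;
        delete pendingTeam;
    }
}
```

With this layout a wrong address passed to `setTeam` only sits in `pendingTeam` until the current team replaces it, so the failure described above is recoverable.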