Open hats-bug-reporter[bot] opened 1 week ago
Hi, i guess you refer a different version because we use in out implementation the version 6.6.2, an in this version the method as you mention transferOwnership
doesn't exist, only ha SetOwner, you can check here: https://github.com/transmissions11/solmate/blob/bff24e835192470ed38bf15dbed6084c2d723ace/src/auth/Auth.sol#L48
so, taking into account this Non-issue!!! and is invalid!! @0xRizwan pls check!!
transferOwnership()
is in latest version of solmate, its renamed from old version. @alfredolopez80 is correct here.
Github username: -- Twitter username: -- Submission hash (on-chain): 0xb0873ecd7d0ed615b90e7ede6bf1d03d4e3b88fbe17df9c1fd4af2465a401342 Severity: high
Description: Description\
PalmeraRoles.sol
contract has inherited the solmate'sRolesAuthority
contract.In constructor,
RolesAuthority
is also initialized.Here, the owner of authority is set to contract deployer i.e msg.sender.
RolesAuthority
constructor:PalmeraRoles.sol
contract's constructors also callssetupRoles(palmeraModule)
which is implemented as:As it can be seen, the ownership of authority is transferred to
palmeraModule
but the issue is thatsetOwner()
is not exist in contract.RolesAuthority.sol
also inheritsAuth.sol
which hastransferOwnership()
function to transfer the ownership.Recommendations\
Use
transferOwnership()
from inherited Auth than non-existent setOwner()