hats-finance / SafeStaking-by-HOPR-0x607386df18b663cf5ee9b879fbc1f32466ad5a85

HOPR is an open incentivized mixnet which enables privacy-preserving point-to-point data exchange. HOPR is similar to Tor but actually private, decentralized and economically sustainable.
https://hoprnet.org
GNU General Public License v3.0

Owner can renounce ownership of contract #49

Open hats-bug-reporter[bot] opened 11 months ago

hats-bug-reporter[bot] commented 11 months ago

GitHub username: --
Submission hash (on-chain): 0xcc2b91f819e304a653eefb36f340a1411688dbba8320e4b53543d6e7a16baa27
Severity: low

Description:

Owner can renounce ownership of contract

Attack Scenario

The contracts HoprDummyProxyForNetworkRegistry, HoprTicketPriceOracle, and HoprStakingProxyForNetworkRegistry inherit from Ownable but do not remove the ability for the owner to call renounceOwnership. Renouncing before transferring the ownership would result in the contract having no owner, thereby rendering the contract completely unusable, as there is only one external function, protected by onlyOwner.

Attachments

  1. Proof of Concept (PoC) File

  2. Revised Code File (Optional)

It is recommended that the owner should not be able to renounce ownership without transferring the ownership first. The functionality can be disabled with the following code.

function renounceOwnership() public override onlyOwner {
    revert("Cannot renounce ownership");
}
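
A static check for the condition reported above, as an added example that is not part of the original report or of the HOPR code base: it lists contracts that inherit `Ownable` directly and do not override `renounceOwnership`. The function names and the sample Solidity source are constructed for illustration, and the regex scan is a heuristic that does not resolve imports or indirect inheritance.

```python
import re

# "contract Name is A, B(arg) {" -> captures the name and the inheritance list.
CONTRACT_RE = re.compile(r"\bcontract\s+(\w+)\s+is\s+([^{]+)\{")
# A definition (not a call) of renounceOwnership that is marked override.
OVERRIDE_RE = re.compile(r"\bfunction\s+renounceOwnership\s*\(\s*\)[^{;]*\boverride\b")

def strip_comments(src):
    """Drop /* */ and // comments so commented-out overrides are not counted."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def contract_body(src, open_idx):
    """Text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[open_idx + 1:i]
    return src[open_idx + 1:]  # unbalanced source: scan to the end

def renounceable_contracts(src):
    """Contracts that inherit Ownable directly and leave renounceOwnership callable."""
    src = strip_comments(src)
    found = []
    for m in CONTRACT_RE.finditer(src):
        # Remove constructor arguments such as Base(1, 2) before splitting on commas.
        bases = [b.strip() for b in re.sub(r"\([^)]*\)", "", m.group(2)).split(",")]
        if "Ownable" in bases and not OVERRIDE_RE.search(contract_body(src, m.end() - 1)):
            found.append(m.group(1))
    return found

# Constructed sample input (hypothetical contracts, not taken from the audited repository).
SAMPLE = """
contract OracleExample is Ownable {
    uint256 public price;
    function setPrice(uint256 p) external onlyOwner { price = p; }
}
contract GuardedExample is Ownable {
    function renounceOwnership() public override onlyOwner {
        revert("Cannot renounce ownership");
    }
}
"""

if __name__ == "__main__":
    print(renounceable_contracts(SAMPLE))
```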