OwnableImpl.sol#transferOwnership may transfer onwer to an address that does not have the ability to receive
Summary
OwnableImpl.sol#transferOwnership may transfer onwer to an address that does not have the ability to receive
Vulnerability Detail
File: splits-utils/src/OwnableImpl.sol
45 function transferOwnership(address owner_) public virtual onlyOwner {
46 $owner = owner_;
47 emit OwnershipTransferred(msg.sender, owner_);
48 }
The transferOwnership function of the OwnableImpl.sol contract can transfer the owner to a new address. The problem here is that the new onwer may be an address that does not have the ability to execute the owner permission (for example, a contract address that has not implemented related functions)
Impact
The admin function of the contract will become uncallable.
J4de
medium
OwnableImpl.sol#transferOwnership
may transfer onwer to an address that does not have the ability to receiveSummary
OwnableImpl.sol#transferOwnership
may transfer onwer to an address that does not have the ability to receiveVulnerability Detail
The
transferOwnership
function of theOwnableImpl.sol
contract can transfer the owner to a new address. The problem here is that the new onwer may be an address that does not have the ability to execute the owner permission (for example, a contract address that has not implemented related functions)Impact
The admin function of the contract will become uncallable.
Code Snippet
https://github.com/0xSplits/splits-utils/blob/0dd263bf6feb0bd26b054da3cf1bb742d0bfb13e/src/OwnableImpl.sol#L45-L48
Tool used
Manual Review
Recommendation
It is recommended to add an function to allow the receiver of the owner to actively receive the identity of the owner.