The contract does not include any checks for the zero address when setting a new owner, which could be a potential oversight. It's generally a good idea to prevent the zero address from becoming an owner, as it cannot execute transactions.
Vulnerability Detail
initOwner(address newOwner)
Impact
We have to check for the zero address for the _OWNER.
bareli
medium
zero address verification for owner
Summary
The contract does not include any checks for the zero address when setting a new owner, which could be a potential oversight. It's generally a good idea to prevent the zero address from becoming an owner, as it cannot execute transactions.
Vulnerability Detail
initOwner(address newOwner)
Impact
We have to check for the zero address for the _OWNER.
Code Snippet
https://github.com/sherlock-audit/2023-12-dodo-gsp/blob/main/dodo-gassaving-pool/contracts/lib/InitializableOwnable.sol#L42 function initOwner(address newOwner) public notInitialized { INITIALIZED = true; OWNER = newOwner; }
Tool used
Manual Review
Recommendation
use require for zero address verification.