As can be seen that it is an internal function and there exists no public function with onlyOwner modifier there is no possibility of changing the sweepReceipent. Owner is set as sweep recipient initally as can be seen from the following function
Now a owner can renounce its ownership and change to a new owner but the sweep Recipient can not be changed thus if the sweep receipent address gets depreciated it causes loss of funds.
Impact
Causes loss of funds if sweep recipient address gets depreciated and there is no way to change it not even by the new owner.
Varun_05
medium
There is no way to change the SweepRecipient. Not even by the owner.
Summary
In the current implementation of sweepable.sol there is no way to change the sweep recepient. Not even by the owner.
Vulnerability Detail
Following is the set sweep recipient function.
As can be seen that it is an internal function and there exists no public function with onlyOwner modifier there is no possibility of changing the sweepReceipent. Owner is set as sweep recipient initally as can be seen from the following function
Now a owner can renounce its ownership and change to a new owner but the sweep Recipient can not be changed thus if the sweep receipent address gets depreciated it causes loss of funds.
Impact
Causes loss of funds if sweep recipient address gets depreciated and there is no way to change it not even by the new owner.
Code Snippet
https://github.com/sherlock-audit/2024-05-tokensoft-distributor-contracts-update/blob/67edd899612619b0acefdcb0783ef7a8a75caeac/contracts/packages/hardhat/contracts/utilities/Sweepable.sol#L47
Tool used
Manual Review
Recommendation
Add a new set sweep recipient function with onlyOwner modifier which allows to change the sweep recipient.