Possible loss of ownership #85
Labels
bug: Something isn't working
disagree with severity: Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
duplicate: This issue or pull request already exists
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor acknowledged: Technically the issue is correct, but we're not going to resolve it for XYZ reasons
Lines of code
https://github.dev/code-423n4/2022-05-aura/blob/90e63758c023af079b5347a08b006ad0e0730ab3/contracts/AuraStakingProxy.sol#L116-L117
Vulnerability details
Impact
It's possible to lose the ownership under specific circumstances.
Proof of Concept
The ownership change logic of the AuraStakingProxy contract implements an incorrect ACK system, since the user who has to call the applyPendingOwner method is the previous owner of the contract. So if the owner delegates the property to a third party and immediately loses the key, or dies, the property change cannot be carried out due to the logic error described above.
Source code:
Recommended Mitigation Steps
Change the require to be like:
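
The hand-over pattern the report describes, side by side with an acknowledged variant in which the nominee confirms, as an added Solidity example. This is not the AuraStakingProxy source and not the warden's proposed patch; the contract name and the function names applyPendingOwnerByOwner and acceptOwnership are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.11;

/// Added illustration only. Both confirmation functions are kept in one
/// contract for comparison; a real contract would expose just one of them.
contract TwoStepOwnable {
    address public owner;
    address public pendingOwner;

    event OwnershipTransferStarted(address indexed from, address indexed to);
    event OwnershipTransferred(address indexed from, address indexed to);

    constructor() {
        owner = msg.sender;
    }

    /// Step 1: the current owner nominates a successor. Control does not move yet.
    function setPendingOwner(address candidate) external {
        require(msg.sender == owner, "!owner");
        pendingOwner = candidate;
        emit OwnershipTransferStarted(owner, candidate);
    }

    /// Pattern described in the report: the current owner confirms.
    /// The nominee never proves it controls its key, and the hand-over
    /// stalls if the current owner's key becomes unavailable after step 1.
    function applyPendingOwnerByOwner() external {
        require(msg.sender == owner, "!owner");
        require(pendingOwner != address(0), "no pending owner");
        _transfer();
    }

    /// Acknowledged hand-over: only the nominee can complete it, so the
    /// new address demonstrates it can sign before it receives control.
    /// msg.sender is never address(0), so an unset pendingOwner cannot pass.
    function acceptOwnership() external {
        require(msg.sender == pendingOwner, "!pendingOwner");
        _transfer();
    }

    function _transfer() private {
        emit OwnershipTransferred(owner, pendingOwner);
        owner = pendingOwner;
        pendingOwner = address(0);
    }
}
```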