Lines of code
<https://github.com/code-423n4/2023-04-ens/blob/45ea10bacb2a398e14d711fe28d1738271cd7640/contracts/dnssec-oracle/Owned.sol#L18-L20>
This finding highlights a potential security risk related to the lack of safeguards when changing ownership in the DNSSECImpl.sol contract. As it stands, the current implementation allows for the owner to be set toaddress(0), which could result in the loss of control over critical functions, leading to protocol failure.
The DNSSECImpl.sol contract inherits from a customOwned.sol contract that lacks proper checks when changing ownership.
OpenZeppelinโs Ownable.sol includes the necessary check to prevent setting the owner toaddress(0), and it should be implemented in any custom Ownable contract:Ownable.sol
File: contracts/dnssec-oracle/DNSSECImpl.sol
import "./Owned.sol";
The setOwner function inOwned.soldoes not prevent setting the new owner toaddress(0) and does not implement a two-step transfer ownership pattern:
File: contracts/dnssec-oracle/Owned.sol
function setOwner(address newOwner) public owner_only {
owner = newOwner;
}
Functions with owner_only access:
File: contracts/dnssec-oracle/DNSSECImpl.sol
function setAlgorithm(uint8 id, Algorithm algo) public owner_only {
algorithms[id] = algo;
emit AlgorithmUpdated(id, address(algo));
}
function setDigest(uint8 id, Digest digest) public owner_only {
digests[id] = digest;
emit DigestUpdated(id, address(digest));
}
Manual Reveiw
To address this security issue, it is recommended to use the OpenZeppelin Ownable.sol contract, which is a trusted and robust solution within the community:
OpenZeppelinโs Ownable: <https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/access/Ownable.sol>
The text was updated successfully, but these errors were encountered:
All reactions