Ownable Manual Review Findings

OWN-01M: Ownership Pull-Over-Push Pattern

Description:

The current ownership system uses a push pattern whereby a new owner simply overwrites the previously set one without any form of acknowledgement validation.

Example:

Copy
74function _transferOwnership(address newOwner) internal {
75    require(newOwner != address(0), "Ownable: new owner is the zero address");
76    emit OwnershipTransferred(_owner, newOwner);
77    _owner = newOwner;
78}

Recommendation:

We advise the pull-over-push pattern to be applied whereby a new owner is instead proposed and consequently needs to accept ownership, signaling that they are aware of ownership and a controlled account.

Alleviation:

The contract no longer exists in the codebase and this exhibit can be considered null.