Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Audit 3 fix #37

Merged
merged 24 commits into from
Jul 25, 2023
Merged

Audit 3 fix #37

Changes from 1 commit
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
f89a9d9
OracleFeeDistributor__ClientBasisPointsShouldBeHigherThan5000
sanbir Jul 10, 2023
bbff409
fix 1. Rewards can be accounted as collateral
sanbir Jul 18, 2023
04de59a
fix 2. The slashed validator’s stake gets split between client, refer…
sanbir Jul 19, 2023
d180529
fix 3. Null basis points will lead to the lock of funds
sanbir Jul 19, 2023
9ddd011
fix 4. Client’s collateral can be distributed as rewards
sanbir Jul 20, 2023
49db303
fix 5. Possible ddos of an expiration time
sanbir Jul 20, 2023
82053a9
test_OracleFeeDistributor_withdraw_with_the_same_proof
sanbir Jul 21, 2023
80a9a4b
fix H6 test_OracleFeeDistributor_withdraw_after_emergencyEtherRecover…
sanbir Jul 21, 2023
05bf2d6
fix M3 An incorrect distribution of rewards in case of _sendValue revert
sanbir Jul 24, 2023
cf26f32
fix M4 s_defaultClientBasisPoints should be restricted
sanbir Jul 24, 2023
29984b6
fix M5 Non-existing _feeDistributorInstance can be rejected
sanbir Jul 24, 2023
401457f
fix M8 recoverEther function shouldn’t be called with gas restrictions
sanbir Jul 24, 2023
54acad9
fix M11 A failed send to to address in recoverEther leads to over-dis…
sanbir Jul 24, 2023
c60cd0c
fix M12 The ServiceRejected status is ignored in the addEth and makeB…
sanbir Jul 24, 2023
eec0556
fix M13 ClientConfig.basisPoints equal to 100% at OracleFeeDistributo…
sanbir Jul 24, 2023
162f0da
fix M14 P2pOrgUnlimitedEthDepositor.refundAll() can be blocked for an…
sanbir Jul 24, 2023
3d15938
fix L1 A newOwner can be the current owner
sanbir Jul 24, 2023
60323bc
fix L2 Zero address can be valid
sanbir Jul 24, 2023
f039c9a
fix L3 ERC721 safeTransferFrom is not safe
sanbir Jul 24, 2023
e26cdf7
fix L5 chainId can replace the flag
sanbir Jul 24, 2023
ab0a2a5
fix L6. A missing zero address check
sanbir Jul 24, 2023
a1fae62
fix L7. referrerConfig.basisPoints can be set to 0, even if referrerC…
sanbir Jul 24, 2023
f63f55a
fix typos
sanbir Jul 24, 2023
51b296d
fix typos
sanbir Jul 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix L1 A newOwner can be the current owner
  • Loading branch information
@sanbir
sanbir committed Jul 24, 2023
commit 3d1593864421bf0a68800b9521ca81960a1057c5
12 changes: 11 additions & 1 deletion contracts/access/Ownable2Step.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,11 @@ import "./Ownable.sol";
*/
error Ownable2Step__CallerNotNewOwner();

/**
* @notice new owner address should be different from the current owner
*/
error Ownable2Step__NewOwnerShouldNotBeCurrentOwner();

/**
* @dev Contract module which provides access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
Expand Down Expand Up @@ -43,8 +48,13 @@ abstract contract Ownable2Step is Ownable {
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual override onlyOwner {
address currentOwner = owner();
if (newOwner == currentOwner) {
revert Ownable2Step__NewOwnerShouldNotBeCurrentOwner();
}

s_pendingOwner = newOwner;
emit OwnershipTransferStarted(owner(), newOwner);
emit OwnershipTransferStarted(currentOwner, newOwner);
}

/**
Expand Down