Generous Lace Sloth
Medium
By exploiting the unchanged ownership, the attacker can perform malicious actions such as manipulating auctions, lending, and borrowing. The global variable does not change by changeowner function because the global and local variable's names are same. https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaV3Aggregator.sol#L685
owner = ownerowner = ownerowner = owner owner = ownerowner = ownerowner = ownerThe attacker can implement the contract without changing the ownership.
No response
No response
Users interacting with the contract might expect that ownership can be transferred following the function's name and intent. When it fails to behave as expected, it could lead to a loss of trust in the contract and its administrators. If the owner needs to delegate or transfer control of the contract for operational or security reasons, they cannot do so. This limitation could hinder the flexibility and lifecycle management of the contract.
No response
It has to be correct.
function changeOwner(address newowner) public {
...
owner = newowner;
}