New Security Vulnerability: How owners can mint tokens AFTER renouncing ownership
Background
As auditors, we always need to catch up with the newest security vulnerabilities, and new methods scammers use to mislead their investors.
Ownable Contract
The “ownable” contract is an access control contract implemented by the famous OpenZeppelin team, and it introduces the concept of ownership — this contract enables the creators of other contracts to do certain administrative operations such as minting tokens, setting global variables, etc.
The example above shows a publicly facing mint function that can only be called by the owner. After the owner mints enough tokens and the contract is fully operational.
Renouncing Ownership
The ownership concept sounds like an antithesis to the decentralized nature of the blockchain — why would investors want to invest in a project that gives certain individuals so much power?
This is where renouncing ownership comes in.
A common pattern after an initial stage of centralized administration is for the owner to relinquish his “owner” status. This means he will no longer have those unique privileges, and the contract will become truly decentralized — all users are equal.
In the example above, the owner can proceed to call renounceOwnerhip, which will make the mint function uncallable.
This renouncement is accomplished by the aptly named function “renounceOwnership” in OpenZeppelin’s contract.
The Modified Ownable Contract
In some of our recent audits, we’ve seen a modified version of OpenZeppelin’s Ownable contract, that has a significant flaw. This modified version can be maliciously used by the owner to mislead the community.
These modifications are meant to add a “locking” functionality to the owner role — the owner can “lock” his role, i.e give up his owner role and capabilities until a certain time has passed. After this deadline, the owner can call the “unlock” function which will restore his full owner capabilities.
The Attack
As we mentioned, these modifications have a significant flaw — a malicious owner can get his owner capabilities even after calling renounceOwnership!
Here’s a list of the required steps:
1️⃣ The owner of the contract can call lock() to lock the contract (the lock function saves the previous owner into a variable)
2️⃣ After the locking period has passed the owner of the contract can call unlock() and regain the ownership.
3️⃣ The owner of the contract can then call the renounceOwnership function. Now, the contract allegedly has no owner (users can verify it by looking for the renounceOwnership transaction and making sure that the owner is set to the zero address).
4️⃣ The owner of the contract can call the unlock function again, and get the ownership back and mint new tokens 💰
Mitigation
Like we mentioned, this vulnerability is tricky because the owner variable is set to zero (0x000…), and the renounceOwnership function was called.
However, proficient users can take a look at the previousOwner variable and make sure it is also set to the zero address.
Conclusion
The crypto-space is a fast ever-evolving space, and malicious users are using more and more sophisticated techniques to trick investors.
This new vulnerability and many more are the reason investors should always look for audits from reputable companies.
About Solid Group
Solid Group is a blockchain consulting and auditing service provider, founded by 3 cybersecurity experts with a passion for thinking out of the box, learning, and sharing knowledge.
Every project goes through a meticulous process and is viewed by at least two partners, thereby achieving a high level of credibility and professionalism.
Our group is partnered with multiple organizations and launchpads that have a combined market cap of over 300 million USD.
📣 Telegram| 🗣Telegram discussion group |📣 Twitter |🛡 Contact for audit