Description

The NotEOA revert message is used when the given parameter is not an EOA. In the transferOwnership function, the wrong parameter is used as a revert message.

function transferOwnership(
        address owner,
        address newOwner
) external override {
    if (_isSmartContract(newOwner)) revert NotEOA(owner);

Impact

The revert message will point to irrelevant data.

Recommendations

We recommend changing the revert message to revert NotEOA(newOwner); as that reflects the actually verified parameter.

Remediation

This issue has been acknowledged by Biconomy, and a fix was implemented in commit bb275bf7↗.