Function: transferOwnership(address owner, address newOwner)

The function is used to transfer the ownership of a smart account.

Inputs

• owner

  • Control: Fully controlled by caller.

  • Constraints: Should not be address(0).

  • Impact: This is the previous owner to be removed.

• newOwner

  • Control: Fully controlled by caller.

  • Constraints: Should not be address(0).

  • Impact: This is the new owner to be transferred ownership to.

Branches and code coverage

Intended branches

• Set _smartAccountOwners for owner as false.

  Test coverage

• Set _smartAccountOwners for newOwner as true.

  Test coverage

Negative behavior

• Revert if newOwner is a smart contract.

  Negative test

• Revert if newOwner or owner is address(0).

  Negative test

• Revert if owner and newOwner are same addresses.

  Negative test

• Revert if owner is not an owner of the smart account.

  Negative test

• Revert if newOwner is already an owner of the smart account.

  Negative test

Function call analysis

• this._transferOwnership(msg.sender, owner, newOwner)

  • What is controllable? msg.sender, owner, and newOwner.

  • If the return value is controllable, how is it used and how can it go wrong? N/A.

  • What happens if it reverts, reenters, or does other unusual control flow? N/A.