Assessment reports>Ionic Protocol>Informational findings>Remove renounceOwnership functionality
Category: Business Logic

Remove renounceOwnership functionality

Informational Severity
Informational Impact
N/A Likelihood


The FuseFeeDistributor, FusePoolDirectory and CurveLpTokenPriceOracleNoRegistry contracts implement OwnableUpgradeable which provides a method named renounceOwnership that removes the current owner (Reference). This is likely not a desired feature.


If renounceOwnership were called, the contract would be left without an owner.


Override the renounceOwnership function:

function renounceOwnership() public override onlyOwner{
    revert("This feature is not available.");


Ionic Protocol states that they may remove ownership of the contracts in the future, so the renounceOwnership functionality remains. However, they have implemented a two step ownership change pattern for added safety when transferring contract ownership in commit eeea03.

Ionic Protocol states, "in the future we may want to completely remove ownership on the contracts and allow the system to work permissionlessly. All of the contracts are set up to make this possible, so we do not see this as an issue."

Zellic © 2023Back to top ↑