The TempleGold token is expected to be owned by the TempleGoldAdmin contract, which lacks access to update the ownership.
The TempleGold token is managed using the TempleGoldAdmin contract. Since the TempleGold contract inherits from LayerZero's OFT, ownership is handled via the OpenZeppelin Ownable module. To accommodate the TempleElevatedAccess base contract in this architecture, the protocol decided to build a TempleGoldAdmin contract that is set as the owner of the TempleGold token.
The purpose of the TempleGoldAdmin contract is to delegate owner calls to the TempleGold contract. It has one function for each of the ownable accessible functions present in the TempleGold token and its base contracts.
However, the implementation fails to cover the functions of the Ownable module itself. In particular it lacks the implementation of transferOwnership(), which would prevent the Temple DAO from updating the capabilities of the administrator contract.
The ownership of the TempleGold contract cannot be transferred. The admin capabilities would be limited to the current implementation of TempleGoldAdmin, preventing any future upgrades to the management of the TempleGold token.
Ownership transfer would be needed to accommodate future use cases within the management of the TempleGold token. Imagine a scenario in which a functionality is needed and the DAO votes for a change. Since contracts are not upgradeable,
- Deploy an updated version of the TempleGoldAdmin.
- DAO executes a proposal to move the TempleGold ownership from the current version to the updated contract.
- Proposal is executed on-chain to forward the ownership of the TempleGold contract to the new TempleGoldAdmin.
In this scenario, step 3 needs to be executed from the current version of the TempleGoldAdmin contract. Since the current version doesn't have access to the transferOwnership() function, it will be impossible to execute the flow.
None.
Add a transferOwnership() function to TempleGoldAdmin that forwards the call to the TempleGold contract.