Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.
Found in contracts/Distribution.sol Line: 73
function createPool(Pool calldata pool_) public onlyOwner {
Found in contracts/Distribution.sol Line: 82
function editPool(uint256 poolId_, Pool calldata pool_) external onlyOwner poolExists(poolId_) {
Found in contracts/Distribution.sol Line: 127
) external onlyOwner poolExists(poolId_) {
Found in contracts/Distribution.sol Line: 323
) external payable onlyOwner returns (bytes memory) {
Found in contracts/Distribution.sol Line: 344
function removeUpgradeability() external onlyOwner {
Found in contracts/Distribution.sol Line: 348
function _authorizeUpgrade(address) internal view override onlyOwner {
Found in contracts/L1Sender.sol Line: 47
function setDistribution(address distribution_) public onlyOwner {
Found in contracts/L1Sender.sol Line: 51
function setRewardTokenConfig(RewardTokenConfig calldata newConfig_) public onlyOwner {
Found in contracts/L1Sender.sol Line: 55
function setDepositTokenConfig(DepositTokenConfig calldata newConfig_) public onlyOwner {
Found in contracts/L1Sender.sol Line: 135
function _authorizeUpgrade(address) internal view override onlyOwner {}
Found in contracts/L2MessageReceiver.sol Line: 26
function setParams(address rewardToken_, Config calldata config_) external onlyOwner {
Found in contracts/L2MessageReceiver.sol Line: 108
function _authorizeUpgrade(address) internal view override onlyOwner {}
Found in contracts/L2TokenReceiver.sol Line: 41
function editParams(SwapParams memory newParams_) external onlyOwner {
Found in contracts/L2TokenReceiver.sol Line: 54
function swap(uint256 amountIn_, uint256 amountOutMinimum_) external onlyOwner returns (uint256) {
Found in contracts/L2TokenReceiver.sol Line: 81
) external onlyOwner returns (uint128 liquidity_, uint256 amount0_, uint256 amount1_) {
Found in contracts/L2TokenReceiver.sol Line: 131
function _authorizeUpgrade(address) internal view override onlyOwner {}
Found in contracts/MOR.sol Line: 10
contract MOR is IMOR, ERC20Capped, ERC20Burnable, Ownable {
Found in contracts/MOR.sol Line: 24
function mint(address account_, uint256 amount_) external onlyOwner {
Found in contracts/mock/tokens/StETHMock.sol Line: 7
contract StETHMock is ERC20, Ownable {
Found in contracts/mock/tokens/StETHMock.sol Line: 29
function setTotalPooledEther(uint256 _totalPooledEther) external onlyOwner {
If the owner account is compromised or behaves maliciously, it could lead to undesirable consequences, such as unauthorized pool creation or fund drainage.
Aderyn
Instead of relying solely on a single owner account, consider implementing a multi-signature scheme.
Require multiple authorized parties to collectively approve critical actions like creating a pool.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.