Centralized Risk for trusted owner
Summary: Centralized Risk for trusted Owner
Vulnerability Details:
Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.
- Found in src/LikeRegistry.sol [Line: 8](src/LikeRegistry.sol#L8)
```solidity
contract LikeRegistry is Ownable {
```
- Found in src/LikeRegistry.sol [Line: 73](src/LikeRegistry.sol#L73)
```solidity
function withdrawFees() external onlyOwner {
```
- Found in src/SoulboundProfileNFT.sol [Line: 9](src/SoulboundProfileNFT.sol#L9)
```solidity
contract SoulboundProfileNFT is ERC721, Ownable {
```
- Found in src/SoulboundProfileNFT.sol [Line: 58](src/SoulboundProfileNFT.sol#L58)
```solidity
function blockProfile(address blockAddress) external onlyOwner {
Impact: Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.
Tools Used
Vscodim
Aderyn
slither
Recommendations: Be sure if the owner is trusted or not. Maybe you can give the role as per need conditions.Decentralized Governance: Implement a multi-signature wallet or DAO (Decentralized Autonomous)
Appeal created
Admin is trusted
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.