The Contract Owner role as described in the project README.md does not exist.
Although there are three actors described in the project README.md, the Contract Owner and the Admin are the same role.
There is one usage of the function RockPaperScissors::owner()
which simply returns the adminAddress
The contract owners should aware that the Admin owns the RockPaperScissor
and any transfer of the Admin role is also a transfer of the Contract Owner role.
Manual Review.
It is recommended to remove the project README.md reference to the Contract Owner.
It is also recommended to remove RockPaperScissors::owner()
and instead utilize the Ownable2Step
contract from OpenZeppelin to control ownership.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.