Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.
Instances (19):
File: contracts/L1/messaging/L1CrossDomainMessenger.sol
90: __Context_init_unchained(); // Context is a dependency for both Ownable and Pausable
99: function pause() external onlyOwner {
107: function blockMessage(bytes32 _xDomainCalldataHash) external onlyOwner {
116: function allowMessage(bytes32 _xDomainCalldataHash) external onlyOwner {
File: contracts/L1/rollup/ChainStorageContainer.sol
71: function setGlobalMetadata(bytes27 _globalMetadata) public onlyOwner {
95: function push(bytes32 _object) public onlyOwner {
103: function push(bytes32 _object, bytes27 _globalMetadata) public onlyOwner {
119: function deleteElementsAfterInclusive(uint256 _index) public onlyOwner {
File: contracts/L2/predeploys/OVM_DeployerWhitelist.sol
49: function setWhitelistedDeployer(address _deployer, bool _isWhitelisted) external onlyOwner {
59: function setOwner(address _owner) public onlyOwner {
75: function enableArbitraryContractDeployment() external onlyOwner {
File: contracts/L2/predeploys/OVM_GasPriceOracle.sol
5: import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
18: contract OVM_GasPriceOracle is Ownable {
41: constructor(address _owner) Ownable() {
64: function setGasPrice(uint256 _gasPrice) public onlyOwner {
74: function setL1BaseFee(uint256 _baseFee) public onlyOwner {
84: function setOverhead(uint256 _overhead) public onlyOwner {
94: function setScalar(uint256 _scalar) public onlyOwner {
104: function setDecimals(uint256 _decimals) public onlyOwner {
Judge has assessed an item in Issue #112 as 2 risk. The relevant finding follows:
[M-1] Centralization Risk for trusted owners
Impact:
Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.
Instances (19):