-
Notifications
You must be signed in to change notification settings - Fork 0
/
Calyptus457.sol
36 lines (28 loc) · 1.11 KB
/
Calyptus457.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.26;
// https://x.com/calyptus_web3/status/1851481670932738516
// Checkout this Ownership contract. Can a malicious attacker gain it's ownership?
contract VulnerableOwnership {
address public owner;
mapping (address => uint256) public balances;
constructor (){
owner = msg.sender; // Owner initialized
}
function deposit() public payable {
require(msg.value > 0, "Must send positive value");
balances[msg.sender] += msg .value;
}
function withdrawAll() public {
require(msg.sender == owner,"Only owner can withdraw");
payable(owner).transfer(address(this).balance);
}
function renounceOwnership() public {
require(msg.sender == owner, "Only owner can renounce ownership");
owner = address(0); // Owner renounced
}
function resetOwner(bytes32 newOwnerHash, uint8 v, bytes32 r, bytes32 s) external {
address signer = ecrecover(newOwnerHash, v, r, s);
require(signer == owner, "Invalid signer");
owner = msg.sender; // Owner assignment
}
}