[audit-fix(#9)] Adminship can be renounced

osmosis-labs · May 6, 2024 · 76e36b7 · 76e36b7
1 parent 33271bc
commit 76e36b7
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 53 deletions.
diff --git a/contracts/transmuter/src/contract.rs b/contracts/transmuter/src/contract.rs
@@ -757,16 +757,6 @@ impl Transmuter<'_> {
             .add_attribute("new_admin", sender_string))
     }
 
-    #[sv::msg(exec)]
-    pub fn renounce_adminship(
-        &self,
-        ExecCtx { deps, env: _, info }: ExecCtx,
-    ) -> Result<Response, ContractError> {
-        self.role.admin.renounce(deps, info.sender)?;
-
-        Ok(Response::new().add_attribute("method", "renounce_adminship"))
-    }
-
     #[sv::msg(query)]
     fn get_admin(
         &self,
@@ -2040,26 +2030,6 @@ mod tests {
         .unwrap();
         let admin: GetAdminResponse = from_json(res).unwrap();
         assert_eq!(admin.admin.as_str(), candidate);
-
-        // Renounce admin rights
-        let renounce_admin_msg = ContractExecMsg::Transmuter(ExecMsg::RenounceAdminship {});
-        execute(
-            deps.as_mut(),
-            env.clone(),
-            mock_info(candidate, &[]),
-            renounce_admin_msg,
-        )
-        .unwrap();
-
-        // Check the current admin
-        let err = query(
-            deps.as_ref(),
-            env,
-            ContractQueryMsg::Transmuter(QueryMsg::GetAdmin {}),
-        )
-        .unwrap_err();
-
-        assert_eq!(err, ContractError::Std(StdError::not_found("admin")));
     }
 
     #[test]

diff --git a/contracts/transmuter/src/role/admin.rs b/contracts/transmuter/src/role/admin.rs
@@ -125,18 +125,6 @@ impl<'a> Admin<'a> {
         }
     }
 
-    /// Renounce admin rights
-    pub fn renounce(&self, deps: DepsMut, sender: Addr) -> Result<(), ContractError> {
-        // Make sure that the sender is the current admin
-        let current_admin = self.current(deps.as_ref())?;
-        ensure!(sender == current_admin, ContractError::Unauthorized {});
-
-        // Set the current admin to the candidate
-        self.state.remove(deps.storage);
-
-        Ok(())
-    }
-
     fn state(&self, deps: Deps) -> Result<AdminState, ContractError> {
         self.state
             .may_load(deps.storage)?
@@ -288,16 +276,5 @@ mod tests {
             admin.state.load(&deps.storage).unwrap(),
             AdminState::Claimed(new_admin_addr.clone())
         );
-
-        // renounce by non-admin
-        assert_eq!(
-            admin.renounce(deps.as_mut(), old_admin_addr).unwrap_err(),
-            ContractError::Unauthorized {}
-        );
-
-        // renounce by admin
-        assert_eq!(admin.renounce(deps.as_mut(), new_admin_addr), Ok(()));
-
-        assert_eq!(admin.state.may_load(&deps.storage).unwrap(), None);
     }
 }