// SPDX-License-Identifier: MIT
// Compatible with OpenZeppelin Contracts ^5.4.0
pragma solidity ^0.8.28;
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import {ERC20Pausable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Pausable.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
contract Mytoken is ERC20, ERC20Burnable, ERC20Pausable, Ownable {
constructor(address recipient, address initialOwner)
ERC20("Mytoken", "MTK")
Ownable(initialOwner)
{
_mint(recipient, 1000000 * 10 ** decimals());
}
/*
Pause contract
*/
function pause() public onlyOwner {
_pause();
}
function unpause() public onlyOwner {
_unpause();
}
/*
Token Supply
*/
function mint(address to, uint256 amount) public onlyOwner {
_mint(to, amount);
}
function burn(address account, uint256 amount) public onlyOwner {
_burn(account, amount);
}
function _update(address from, address to, uint256 value)
internal
override(ERC20, ERC20Pausable)
{
super._update(from, to, value);
}
}
In the code above, I only wanted the bun functions, burnFrom() and burn() to be only callable by the owner of the contract.
Whe I compiled the above code with onlyOwner how ever, another accident that wasn't owner was able to call burn().
Is the a bug within ERC20Burnable ? or is my code just wrong?
- How do I fix this?
- Thanks in advance!