Retrieving address of contract owner and making call to all smart contract methods

Hey, guys need some help related to enforcing security more on the lines of authentication in my smart contract.

So I have a smart contract that has an owner as the deployers address. This owner will be able to call any of the methods in the smart contract using the web3 library. My question is what if some malicious user is able to identify the owner's address and in turn, he can substitute his own address with the owner's address and make the method calls using the same web3 library. The methods are very critical in nature as they transfer funds. I do understand that only the owner can call certain methods but in this case, the attacker knows the owner's address.

How do I make sure my methods are protected against this user what kind of security mechanism do I need to implement for my smart contract? Or is there a piece of the puzzle I am missing?

You cannot copy the address of your wallet owner because it is unique in openzepellin you can use ONLYOWNER

It is not enough to know the owner address, you need the owner's private key in order to impersonate them.

1 Like