As a result of the audit process, our suite of smart contracts was rated "Secured", with the highest rating being "Well-Secured". The reason for this was the centralization of contracts. According to the report:

This smart contract has some functions which can be executed by the Admin (Owner) only. If the admin wallet private key would be compromised, then it would create trouble.

Following are the instructions on how to renounce to the owner priviledges and if it is advisable or not.

Ube and Almond

Ownership

The audit report of the Stakes contracts (Ube and Almond) states that "the owner can set critical values like interest rate, penalization, maturity, etc. If the admin wallet private key would be compromised, then it would create trouble, also the owner itself can change the ownership to any arbitrary account"

The audit results are correct, but we strongly recommend that contract owners DO NOT RENOUNCE ownership of their Ube and Almond smart contracts. Doing so renders the contracts unusable because the "owner" of the contract is responsible for approving the funds for the contract and thus paying interest to the Stakers. If the owner renounces, then no one will be able to pay interests.

In this way Ube and Almond contracts are centralized in nature, and cannot be decentralized.

Matcha and Suika Ownership

The audit report of the NFT Marketplaces contracts (Matcha and Suika) states that "The owner / admin can change the commission percentages, payment token, etc."

Functions involved

updateAdmin - The owner can change the commission percentages, payment token, etc.

grantRole - Any new role can be granted.

revokeRole - The owner can revoke a particular role.

autoMint, mint and safeMint - Minting methods

Renounce Ownership and Admin Role

To make the smart contract 100% decentralized, we suggest renouncing ownership in the smart contract once its function is completed.

Matcha and Suika smart contracts has two differente variables to manage settings and role parameters: `admin` and `contract_owner`

To renounce to both, ownership and admin priviledges in order to make contracts independent and fully decentralized, you can set "admin" and "contract_owner" to "zero address". This way, no one will be able to change the settings of your smart contracts.

Renounce Minter Role

In Suika and Matcha, the minter can mint tokens as needed. This can lead to centralization problems. So, if you want your collection to be fully decentralized, renounce the minter role when the collection is fully minted, or depending on your needs, open the collection to anyone who can mint. If you want to achieve the first option, changing ownership to zero address will cause your account to also renounce the minter role.

Steps to Renounce Ownership, Admin and Minter Role

Renounce ownership